




Job Summary: We are seeking a professional to manage the continuous vulnerability management across infrastructure, applications, and services, ensuring information security.

Key Highlights:

1. Strategic role in reducing cyber risks
2. End-to-end vulnerability lifecycle management
3. Continuous improvement of security processes and policies

We are looking for a professional responsible for leading continuous vulnerability management across infrastructure, application, and service environments—from identification through to remediation validation. The candidate will play a strategic role in reducing the attack surface, mitigating cyber risks, and strengthening the organization's information security posture, while ensuring compliance with standards, internal policies, and regulatory requirements.

Requirements:

**Key Responsibilities:**

- Manage the full vulnerability management lifecycle, including identification, analysis, classification, prioritization, remediation, and validation of fixes.
- Operate, administer, and enhance vulnerability scanning and monitoring tools across on-premises, cloud, and hybrid environments.
- Perform technical analysis of scan results, eliminating false positives and assessing the real business-impact risk posed by vulnerabilities.
- Collaborate closely with Infrastructure, Development, and DevOps teams to support patching, hardening, and remediation activities within defined SLAs.
- Track action plans, ensuring timely execution and effectiveness of mitigation measures.
- Develop and maintain security metrics (KPIs and KRIs), as well as technical and executive reports on exposure levels and environment maturity.
- Support internal and external audits, compliance processes, and information security-related risk assessments.
- Contribute to the continuous improvement of security processes, policies, and controls.

**Requirements:**

- Proven experience in Information Technology, specifically in Vulnerability Management.
- Completed undergraduate degree in IT-related fields (e.g., Information Systems, Computer Science, Networking, etc.); or an undergraduate degree in any field, provided a completed postgraduate program or MBA in Technology or Information Security is held.
- Solid knowledge of Windows and Linux operating systems, as well as foundational computer networking concepts.
- Analytical ability to interpret risks and make decisions based on severity and business impact.


