Vulnerability Management Specialist (Using Qualys & CVSSv3.1)

We have an urgent requirement for Vulnerability Management Specialist (Using Qualys & CVSSv3.1) with experience in banking domain is required for our banking clients in Abu Dhabi ,UAEConduct enterprise-wide vulnerability scans using Qualys.---MustAnalyze and prioritize vulnerabilities using CVSS v3.1 scoring, exploitability, asset criticality, and business context--MustStrong understanding of CVSS v3.1, CWE, OWASP Top 10, and risk-based vulnerability management.--MustJob SummaryWe are seeking a Vulnerability Management Specialist to lead the identification, assessment, and remediation tracking of security vulnerabilities across the bank’s enterprise environment. This role will own the end-to-end vulnerability lifecycle, from scanning and prioritization to executive reporting, ensuring risk reduction aligns with board-level risk appetite.

Key Responsibilities Vulnerability Scanning & Assessment

Conduct enterprise-wide vulnerability scans using Qualys. Perform regular authenticated and unauthenticated scans across infrastructure, applications, and cloud environments.

Risk-Based Prioritization

Analyze and prioritize vulnerabilities using CVSS v3.1 scoring, exploitability, asset criticality, and business context. Drive focus on high-risk exposures impacting critical banking systems.

Remediation Tracking & SLA Management

Maintain remediation SLA tracking dashboards for visibility into patching status and aging vulnerabilities. Follow up with IT and application owners to ensure timely closure within defined timelines.

Executive & Board-Level ReportingPrepare and present quarterly vulnerability posture reports for executive management and risk committees. Translate technical risk into business impact aligned with the board’s risk appetite.

Penetration Testing Coordination

Coordinate third-party and internal penetration testing exercises. Validate findings, track remediation, and ensure re-testing for closure.

Process & Tool Optimization

Enhance vulnerability management processes, reporting workflows, and Qualys platform configurations. Contribute to policy updates and KPI definition for continuous improvement.

Required Qualifications & Skills Experience:4+ years in enterprise vulnerability assessment, remediation tracking, and penetration test coordination.

Tools: Hands-on expertise with Qualys VMDR is a must-have.

Familiarity with ServiceNow VR, Tenable, or Rapid7 is a plus.

Framework Knowledge: Strong understanding of CVSS v3.1, CWE, OWASP Top 10, and risk-based vulnerability management.

Analytical Skills: Ability to contextualize technical vulnerabilities with business risk and communicate impact to technical and non-technical stakeholders.

Reporting: Experience building dashboards and executive reports for senior leadership and board-level consumption.

Certifications One of CISSP, Certified Ethical Hacker, OCSP(Anyone must)Skills: vulnerability management,vulnerability,cvss