Security Analyst – Vulnerability Management
Nigeria
Full Time
3 weeks ago
No Sponsorship
Key skills
AWSCloudCyber SecurityGoogle Cloud PlatformLinuxGCPGoogle Cloud
About this role
Role Overview
- Execute and monitor periodic vulnerability scans across internal infrastructure and cloud platforms.
- Conduct periodic scans to support compliance requirements.
- Perform External Attack Surface Assessments on internet-facing assets.
- Assist in validating scan results and identifying false positives.
- Analyze Vulnerability scan results to identify security gaps and potential threats.
- Prioritise Vulnerability scan report based on risk severity and business impact.
- Report findings to asset owners and relevant stakeholders for timely remediation.
- Collaborate with IT, System Administrators, and Product Teams to ensure vulnerabilities are remediated within defined Service Level Agreements (SLAs).
- Track remediation progress and follow up on outstanding vulnerabilities.
- Support implementation of mitigation strategies where immediate remediation is not possible.
- Assist in performing risk assessments related to identified vulnerabilities.
- Support documentation of risks and contribute to mitigation planning.
- Maintain awareness of evolving risk posture across systems.
- Support the operation and maintenance of vulnerability management tools.
- Assist in scan configuration, execution, result interpretation and reporting.
- Support vulnerability management activities aligned with standards such as PCI-DSS, ISO 27001, and NIST.
- Assist with audit preparation, including evidence gathering and documentations.
- Ensure scanning and remediation practices meet compliance requirements.
- Assist in creating dashboards and reports to visualize vulnerability trends, risk posture, and remediation performance.
- Maintain accurate records of vulnerabilities, remediation status, and scan history.
- Communicate findings clearly to both technical and non-technical stakeholders.
- Suggest improvements to scanning, reporting, and remediation workflows.
- Assist in Incident Response tasks and post-incident analysis when needed.
- Assist in Threat Intelligence tasks from internal and external sources when needed.
- Track emerging threats, vulnerabilities, and tactics used by relevant threat actors.
- Contribute to threat briefings and recommendations for security controls.
- Stay current with emerging vulnerabilities, threats, and cybersecurity trends.
- Participate in training, labs, and knowledge-sharing sessions.
- Continuously develop technical skills in security tools and methodologies.
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- Good understanding of vulnerability management lifecycle, vulnerability scanning/patch management tools, SIEM, EDR, CSPM is an advantage.
- Understanding of networking fundamentals, operating systems, and cloud concepts.
- Strong analytical and problem-solving skills.
- Ability to work collaboratively and willingness to learn.
- Entry-level certifications such as CompTIA Security+, ISC2 (CC), BTL1, eJPT
- Familiarity with Linux/Windows environments and cloud platforms (AWS, or GCP).
- Hands-on lab, internship, or project experience in security operations or vulnerability assessment.
Tech Stack
- AWS
- Cloud
- Cyber Security
- Google Cloud Platform
- Linux
Benefits
- Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
- Learning
- We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
- Compensation
- You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.