Vulnerability Management Specialist
Kalepa Insurance Services, LLC, Cincinnati, OH, United States
Vulnerability Management Specialist page is loaded## Vulnerability Management Specialistlocations:
Cincinnati, OH:
TX Dallastime type:
Full timeposted on:
Posted Todayjob requisition id:
JR101367-The Vulnerability Management Specialist is a hands-on individual contributor responsible for executing Core Specialty’s vulnerability management program across endpoints, servers, cloud resources, and applications. This role focuses on continuous vulnerability scanning, risk analysis, remediation coordination, and reporting, working closely with IT, Infrastructure, Endpoint, and Threat teams.The ideal candidate is highly analytical, detail-oriented, and comfortable operating in a metrics-driven, SLA-based environment, with the ability to translate technical findings into actionable remediation guidance.***The selected candidate will be required to work a hybrid schedule (3 days in office/2 remote) out of our Dallas, TX, or Cincinnati, OH office. No relocation assistance is being offered with this role.*****Key Accountabilities/Deliverables:*** Conduct continuous vulnerability scanning across enterprise assets using Qualys and related tools.* Analyze scan results to validate findings, remove false positives, and assess exploitability.* Prioritize vulnerabilities using CVSS, Qualys Detection Score (QDS), asset criticality, and business impact.* Enforce remediation SLAs aligned to severity levels: Critical: 7 days, High: 30 days, Medium: 60 days, Low: 180 days.* Partner with Infrastructure, EUC, Cloud, and Application teams to drive timely remediation.* Support remediation activities using Qualys, Intune, JAMF, PolicyPak, and Microsoft Defender.* Ensure vulnerability management activities aligned with NIST, CIS Controls, ISO 27001, and insurance regulatory expectations.* Partner with Threat Intelligence and SOC teams to assess vulnerability exposure related to active threats.* Develop scripts (PowerShell) and workflows to support remediation, reporting, and validation.**Technical Knowledge and Understanding:*** Strong understanding of: CVSS scoring and risk prioritization, patch management and remediation workflows, endpoint, server, and cloud security fundamentals.* Ability to analyze technical findings and communicate risk clearly to non-security teams.* Strong documentation and organizational skills.**Experience required:*** 4+ years of experience in vulnerability management, security engineering, or threat operations.* Hands-on experience with vulnerability scanning platforms (Qualys preferred; Tenable/Rapid7 acceptable).* Experience working with Intune, JAMF, or similar endpoint management tools.**Certifications (Preferred):*** CompTIA Security+* Qualys Vulnerability Management certifications* GIAC certifications (e.g., GSEC, GCIH)* CISSP (or progress toward certification)**Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa for this position.**
#LI-Hybrid-At Core Specialty, you will receive a competitive salary and opportunities for professional development and advancement.
We offer medical, dental, vision, and life insurances; short and long-term disability; a Company-match of 100% of a 6% contribution 401(k) plan; an Employee Assistance Plan; Health Savings Account, Flexible Spending Account, Health Reimbursement Account, and a wellness programCore Specialty offers a diversified range of property and casualty insurance products for small to mid-sized businesses. From underwriting offices spanning the U.S., the Company focuses on niche markets, local distribution, and superior underwriting knowledge, offering traditional as well as innovative insurance solutions to meet the needs of its customers and brokers. For further information about Core Specialty, please visit . #J-18808-Ljbffr
Cincinnati, OH:
TX Dallastime type:
Full timeposted on:
Posted Todayjob requisition id:
JR101367-The Vulnerability Management Specialist is a hands-on individual contributor responsible for executing Core Specialty’s vulnerability management program across endpoints, servers, cloud resources, and applications. This role focuses on continuous vulnerability scanning, risk analysis, remediation coordination, and reporting, working closely with IT, Infrastructure, Endpoint, and Threat teams.The ideal candidate is highly analytical, detail-oriented, and comfortable operating in a metrics-driven, SLA-based environment, with the ability to translate technical findings into actionable remediation guidance.***The selected candidate will be required to work a hybrid schedule (3 days in office/2 remote) out of our Dallas, TX, or Cincinnati, OH office. No relocation assistance is being offered with this role.*****Key Accountabilities/Deliverables:*** Conduct continuous vulnerability scanning across enterprise assets using Qualys and related tools.* Analyze scan results to validate findings, remove false positives, and assess exploitability.* Prioritize vulnerabilities using CVSS, Qualys Detection Score (QDS), asset criticality, and business impact.* Enforce remediation SLAs aligned to severity levels: Critical: 7 days, High: 30 days, Medium: 60 days, Low: 180 days.* Partner with Infrastructure, EUC, Cloud, and Application teams to drive timely remediation.* Support remediation activities using Qualys, Intune, JAMF, PolicyPak, and Microsoft Defender.* Ensure vulnerability management activities aligned with NIST, CIS Controls, ISO 27001, and insurance regulatory expectations.* Partner with Threat Intelligence and SOC teams to assess vulnerability exposure related to active threats.* Develop scripts (PowerShell) and workflows to support remediation, reporting, and validation.**Technical Knowledge and Understanding:*** Strong understanding of: CVSS scoring and risk prioritization, patch management and remediation workflows, endpoint, server, and cloud security fundamentals.* Ability to analyze technical findings and communicate risk clearly to non-security teams.* Strong documentation and organizational skills.**Experience required:*** 4+ years of experience in vulnerability management, security engineering, or threat operations.* Hands-on experience with vulnerability scanning platforms (Qualys preferred; Tenable/Rapid7 acceptable).* Experience working with Intune, JAMF, or similar endpoint management tools.**Certifications (Preferred):*** CompTIA Security+* Qualys Vulnerability Management certifications* GIAC certifications (e.g., GSEC, GCIH)* CISSP (or progress toward certification)**Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa for this position.**
#LI-Hybrid-At Core Specialty, you will receive a competitive salary and opportunities for professional development and advancement.
We offer medical, dental, vision, and life insurances; short and long-term disability; a Company-match of 100% of a 6% contribution 401(k) plan; an Employee Assistance Plan; Health Savings Account, Flexible Spending Account, Health Reimbursement Account, and a wellness programCore Specialty offers a diversified range of property and casualty insurance products for small to mid-sized businesses. From underwriting offices spanning the U.S., the Company focuses on niche markets, local distribution, and superior underwriting knowledge, offering traditional as well as innovative insurance solutions to meet the needs of its customers and brokers. For further information about Core Specialty, please visit . #J-18808-Ljbffr