Cybersecurity engineer

The Cybersecurity Engineer (Vulnerability Management) role sits within the Data Security Services team and is responsible for end‑to‑end ownership of the enterprise Vulnerability Management function. The role works closely with platform and infrastructure teams to drive timely remediation and strengthen the overall security posture. This position plays a critical role in coordinating with cross-functional IT teams to ensure effective vulnerability identification, assessment, and remediation across the organization. Key Responsibilities• Design, implement, and manage the Vulnerability Management Program, ensuring execution across all phases of the vulnerability management lifecycle. • Configure, schedule, and monitor vulnerability scans using enterprise tools (e.g., Tenable/Nessus), ensuring successful execution and investigating/re-running failed scans. • Perform continuous asset discovery and ensure newly identified assets are onboarded into the vulnerability management platform and properly registered in CMDB. • Assess and prioritize vulnerabilities using a risk-based approach, considering asset criticality, business impact, and environmental context. • Partner with infrastructure, network, and application teams (Windows, Unix, databases, etc.) to drive remediation of identified vulnerabilities. • Provide technical advisory to stakeholders on vulnerability impact, exploitability, and remediation strategies. • Analyze and validate false positives, identify technical constraints, and facilitate risk acceptance processes, including stakeholder alignment and approvals. • Lead remediation planning for penetration testing findings in collaboration with cross-functional teams. • Conduct threat exposure assessments and targeted vulnerability scans, driving mitigation and response actions. • Maintain and enhance vulnerability dashboards and reporting, delivering insights to both technical teams and senior management. • Track and report progress against defined KPIs and SLAs, ensuring compliance with organizational standards. • Escalate critical risks and provide timely updates to leadership and relevant stakeholders. • Drive continuous service improvements in vulnerability management processes, tools, and methodologies. • Support global coordination across teams operating in multiple geographical regions. • Ensure adherence to security policies, regulatory requirements, and compliance frameworks, including financial security and fraud prevention obligations. • Stay updated on emerging threats, vulnerabilities, and industry best practices, applying insights to improve organizational defenses. Qualifications and Profile • 8–10 years of overall IT experience with 4–7 years in Information Security and minimum 4+ years in enterprise Vulnerability Management. • Proven hands-on experience managing end-to-end Vulnerability Management programs in large enterprise environments. • Strong technical knowledge of vulnerability assessment and remediation across: • Operating systems (Windows, Unix/Linux) • Networks and infrastructure • Databases and application servers • Ability to analyze vulnerabilities, assess risk exposure, and prioritize remediation using a risk-based approach. • Hands-on experience with Tenable (Nessus) SecurityCenter or equivalent vulnerability scanning tools in large-scale environments. • Familiarity with threat and vulnerability intelligence and its application to enterprise security operations. • Strong understanding of security reporting requirements at both technical and management levels. • Hands-on experience creating reports, dashboards, and trend analysis using: • Excel, PowerPoint, Word • BI tools such as Power BI or similar • Ability to present insights in a clear, structured, and business-relevant manner. Interested applicants please send your resume in MS Words format toprasant.sirohi@ambition.com.sg and attention to Prasant Sirohi (R22106307) Shortlisted candidates will be notified www.ambition.com.sg EA Registration Number: R22106307 Data provided is for recruitment purposes only Business Registration Number: 200611680D. License Number: 10C5117