.Our missionWe are a cutting-edge e-commerce company. Our creative, smart and dedicated teams pool their knowledge and experience to find the best solutions to meet project needs, while maintaining sustainable and long-lasting results. How do we achieve this? By making sure that our teams thrive and develop professionally. Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative and respectful culture.The RoleThis is a highly visible role! You will protect our infrastructure by analyzing, remediating, and monitoring breaches, issues, incidents, and vulnerabilities. The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.Main responsibilities for this RoleKeep and improve the Vulnerability Management Program of the company.A focal point of contact for Vulnerability scanning schedule, configuration in a tool, and execution as per the schedule. Any failure of scans is to be investigated and scheduled to be re-run.Administration of Qualys Vulnerability Management, Detection & Response (VMDR) and using its various features to enable and support the Vulnerability Management Program.Usage of ManageEngine EndPoint Central, New Relic, and any other tools available in the company in order to take advantage of their features to improve the Vulnerability Management Program and Metrics.Conduct periodical discovery of IT Assets, ensuring that identified assets are appropriately tagged, and includes the new assets in the Vulnerability Management tool.Assess the identified vulnerabilities and study & understand the risk profile and impact.Identify any false positives reported and the technical limitations of the vulnerability in the environment and be able to declare and manage it within the Qualys tool.Keep and improve existing scripts to process vulnerability results (i.E. to automatically import them into Jira while matching existing data in Axonius).Facilitate the process of Risk Acceptance, coordinating with various stakeholders for proposing, seeking and maintaining the approvals for such cases.Perform Penetration Tests following OWASP and using tools such as Burp Suite or ZAP.Develop and manage a bug bounty program (i.E. write the security researcher conditions, review received vulnerabilities, etc.).Manage vulnerabilities reported by corporate antivirus (i.E. Crowdstrike).Collaborate with Infrastructure teams (Windows, Linux, Networks, etc.) for the remediation/mitigation of the identified vulnerabilities.Maintain the Vulnerability Dashboard for the scope and submit reports to both technical teams and Management.Keep and improve the existing server hardening guides, to avoid recurring vulnerabilities