Job Description

Location: Santiago, DR
Work mode: Remote
Time: 08:00 a.m. m. - 05:30 p.m. m.

POSITION OVERVIEW:
We are seeking a highly motivated Senior Vulnerability Analyst to join our Information Security team. In this hands-on role, you will be responsible for identifying, assessing, prioritizing and driving remediation of vulnerabilities across the company's IT environment.
This position requires strong technical expertise, risk-based decision making, and collaboration with IT and development teams to reduce organizational risk and support compliance initiatives. You will also work closely with infrastructure and security teams to ensure timely remediation of risks and strengthen the overall security posture.

MAIN RESPONSIBILITIES/FUNCTIONS:
Vulnerability scanning and analysis (20%):
•\ Perform regular and on-demand vulnerability scans on networks, servers, endpoints, cloud systems, and applications using enterprise security tools.
•\ Validate and analyze the results to differentiate real vulnerabilities from false positives, evaluating their severity, exploitability and potential impact on business or security.
•\ Correlate findings from multiple sources (e.g., vulnerability scanners, EDR, EASM, penetration testing).
Risk assessment and remediation coordination (40%):
•\ Prioritize identified vulnerabilities based on their risk level (CVSS scores, threat intelligence, asset criticality) and collaborate with multidisciplinary teams to develop and track remediation plans within established SLAs.
•\ Work alongside the IT Infrastructure and Applications teams to drive remediation within the defined timelines.
•\ Monitor remediation progress and ensure accountability through ticketing systems and governance processes.
•\ Perform root cause analysis of recurring vulnerabilities and contribute to security improvements.
Execution of the vulnerability management program (15%):
Support and improve the enterprise vulnerability management program, including:
•\ SLA monitoring and compliance
•\ Exception management processes
•\ Metrics and reports
Reports and documentation (15%):
•\ Prepare clear reports and dashboards to communicate findings and risk levels to technical and non-technical audiences.
•\ Keep program documentation up to date, including scanning procedures, assessment results, remediation status, and evidence of compliance.
•\ Support audits by providing documentation and evidence.
Security tools management (10%):
•\ Operate, configure and maintain vulnerability management platforms, ensuring their integration with reporting systems and other security tools.
•\ Monitor tool performance and troubleshoot problems.

POSITION REQUIREMENTS:
Basic requirements for all employees are considered: command of MS Office tools (Word, Excel, Outlook), oral and written communication skills, good interpersonal relationships and the ability to work both individually and in a team.
Mandatory requirements:
•\ More than 4 years of experience in vulnerability management in enterprise environments
•\ Practical experience with vulnerability scanning tools (Tenable, Qualys, among others)
•\ Strong knowledge of enterprise IT infrastructure: operating systems, networks and cloud environments
•\ Experience in risk prioritization and remediation monitoring
•\ Good level of communication in English, both oral and written
Desirable (not required):
1.\ Relevant industry certifications
2.\ Bachelor's degree in information security or related areas
3.\ Experience in compliance frameworks (PCI DSS, SOC 2, CIS, among others)

OTHER BENEFITS:
•\ Weekly payment
•\ Free round-trip transportation
•\ Benefits of law
•\ Supplementary health insurance
•\ Benefits in pharmacy and optical center
•\ Internal cooperative
•\ Bonuses
•\ Referral program
•\ Paid vacations
•\ Growth opportunities
•\ Remote mode ",