SME Rapid7 Vulnerability Management Specialist - VMS 25-25994


IT - NY - Brooklyn, NY
Kings County, New York
Locations: Kings County, Jamaica, Long Island City, New York
Posted On: July 09, 2025
Last Day to Apply: July 23, 2025
Pay: $60.00 to $75.00 per hour

Job Title: SME Rapid7 Vulnerability Management Specialist
Location: Brooklyn, NY
Duration: 2 Years (Contract)
Work Model: Hybrid (3 Days On-site / 2 Days Remote per Week)

Job Description:

We are seeking a Vulnerability Management Specialist to serve as a Subject Matter Expert (SME) in Rapid7 and vulnerability management practices. The ideal candidate will have deep experience in vulnerability scanning, CVE analysis, scripting, risk assessments, and reporting. This role is critical to supporting cybersecurity operations and enhancing the security posture across various environments.

Key Responsibilities:

  • Research, analyze, and provide briefings on CVEs, CVSS vector strings, attack vectors, NVD, MITRE, and mitigation techniques

  • Design and build scalable Rapid7 vulnerability scanning infrastructure

  • Manage, configure, and execute vulnerability scans across multiple networks

  • Analyze scan data using Rapid7 dashboards and reports to assess and prioritize risk

  • Evaluate vulnerabilities, develop mitigation strategies, and support remediation activities

  • Present technical briefings and reports to teams and stakeholders

  • Automate scanning and reporting tasks using scripting languages (Python, PowerShell, etc.)

  • Create dashboards and deep analysis reports using Rapid7, Excel, and PowerPoint

  • Travel within NYC as required for project support

Mandatory Skills & Experience:

Candidates must meet the following criteria to be considered:

  • 8+ years of experience in cybersecurity with a focus on vulnerability management, scanning tools, assessments, scripting, and analysis

  • Deep understanding of CVEs, CVSS, NVD, MITRE ATT&CK, attack vectors, and mitigations

  • Hands-on expertise designing and operating Rapid7 vulnerability management solutions

  • Strong experience conducting scan result analysis and creating actionable reports

  • Skilled in scripting (Python, PowerShell) for automation of vulnerability management tasks

  • Proficient in Excel for data analysis (VLOOKUP, Pivot Tables)

  • Experience evaluating vulnerabilities and working through risk mitigation strategies

  • Comfortable communicating risk findings and technical overviews both verbally and in writing

  • Familiarity with threat landscapes, attacker TTPs, and cybersecurity frameworks

  • Strong background with technologies such as firewalls, IDS/IPS, DMZ, VPN, DNS, and HTTP

  • Platform knowledge: Windows, Linux, VMware, Cisco IOS, Android, iOS

  • Understanding of cryptography principles (encoding, encryption, hashing)

  • Knowledge of security standards and best practices: NIST, CIS, Microsoft, Juniper, Palo Alto, Fortinet, etc.

  • Experience with security documentation (policies, plans, procedures)

  • Experience with Tableau for reporting is a plus

  • Excellent written, verbal, organizational, and analytical skills

Preferred Certifications (One or more):

  • CISSP – Certified Information Systems Security Professional

  • GSEC – Security Essentials Certification

  • GCIA – Certified Intrusion Analyst

  • GCIH – Certified Incident Handler

  • CEH – Certified Ethical Hacker

  • CWAPT – Certified Penetration Tester
