L2 Vulnerability Management Engineer

About NetOne Zambia:NetOne Zambia is a leading Information & Communications Technology (ICT) services provider based in Lusaka, Zambia. The company offers a wide range of technology solutions designed to help businesses operate more efficiently and grow, including ERP design and implementation, data center services, infrastructure consulting, network deployment, cloud and security solutions, and 24/7/365 support. NetOne operates Zambia’s first multi‑tenant Tier‑III data center, providing high‑reliability hosting and digital services. With many years of experience, NetOne delivers customized enterprise solutions and professional support to organizations across multiple industries.Role Overview:We are seeking a highly skilled and detail-oriented L2 Vulnerability Management Engineer to join our cybersecurity team. The successful candidate will be responsible for identifying, analyzing, and remediating security vulnerabilities across systems, networks, and applications, ensuring the organization maintains a strong security posture.Key ResponsibilitiesPerform vulnerability assessments across servers, endpoints, network devices, and applicationsAnalyze vulnerability scan results and prioritize remediation based on CVSS scores and business impactExecute remediation actions including patching, configuration hardening, and mitigation techniquesConduct root cause analysis for recurring vulnerabilities and recommend long-term solutionsCollaborate with SOC teams for incident correlation, threat analysis, and remediation trackingValidate and enforce secure TLS configurations, protocols, and cipher suitesIdentify and remediate vulnerabilities related to outdated protocols, weak encryption, and misconfigurationsWork closely with application, infrastructure, and network teams to ensure secure implementationsManage OS and application patching, including testing and deployment coordinationPerform system hardening based on industry standards (e.g., CIS benchmarks)Monitor vulnerability trends and provide proactive risk reduction recommendationsTrack remediation lifecycle and ensure closure within defined SLAsPrepare detailed vulnerability reports, dashboards, and executive summariesSupport audits, compliance checks, and regulatory requirementsUtilize tools such as Qualys, Nessus, or similar vulnerability management platformsStay updated on emerging threats, CVEs, and security advisoriesPromote security awareness and best practices across teamsMinimum RequirementsBachelor’s degree in Information Security, Computer Science, IT, or a related field3-5 years experience in vulnerability management, security operations, or a similar roleHands-on experience with vulnerability scanning tools (e.g., Qualys, Nessus)Strong understanding of network security, operating systems, and application securityKnowledge of patch management and system hardening practicesFamiliarity with security frameworks and standards (e.g., ISO 27001, CIS benchmarks)Strong analytical, problem-solving, and communication skillsCertifications (Added Advantage)CEH (Certified Ethical Hacker)CompTIA Security+ISO/IEC 27001 CertificationQualys Certified Specialist or equivalentGIAC Certifications (e.g., GSEC, GPEN)Microsoft or Linux Security Certifications