L2 Vulnerability Management Engineer

About NetOne Zambia:

NetOne Zambia is a leading Information & Communications Technology (ICT) services provider based in Lusaka, Zambia. The company offers a wide range of technology solutions designed to help businesses operate more efficiently and grow, including ERP design and implementation, data center services, infrastructure consulting, network deployment, cloud and security solutions, and 24/7/365 support. NetOne operates Zambia’s first multi‑tenant Tier‑III data center, providing high‑reliability hosting and digital services. With many years of experience, NetOne delivers customized enterprise solutions and professional support to organizations across multiple industries.

Role Overview:

• Perform vulnerability assessments across servers, endpoints, network devices, and applications
  
• Analyze vulnerability scan results and prioritize remediation based on CVSS scores and business impact
  
• Execute remediation actions including patching, configuration hardening, and mitigation techniques
  
• Conduct root cause analysis for recurring vulnerabilities and recommend long-term solutions
  
• Collaborate with SOC teams for incident correlation, threat analysis, and remediation tracking
  
• Validate and enforce secure TLS configurations, protocols, and cipher suites
  
• Identify and remediate vulnerabilities related to outdated protocols, weak encryption, and misconfigurations
  
• Work closely with application, infrastructure, and network teams to ensure secure implementations
  
• Manage OS and application patching, including testing and deployment coordination
  
• Perform system hardening based on industry standards (e.g., CIS benchmarks)
  
• Monitor vulnerability trends and provide proactive risk reduction recommendations
  
• Track remediation lifecycle and ensure closure within defined SLAs
  
• Prepare detailed vulnerability reports, dashboards, and executive summaries
  
• Support audits, compliance checks, and regulatory requirements
  
• Utilize tools such as Qualys, Nessus, or similar vulnerability management platforms
  
• Stay updated on emerging threats, CVEs, and security advisories
  
• Promote security awareness and best practices across teams
  

• Bachelor’s degree in Information Security, Computer Science, IT, or a related field
  
• 3-5 years experience in vulnerability management, security operations, or a similar role
  
• Hands-on experience with vulnerability scanning tools (e.g., Qualys, Nessus)
  
• Strong understanding of network security, operating systems, and application security
  
• Knowledge of patch management and system hardening practices
  
• Familiarity with security frameworks and standards (e.g., ISO 27001, CIS benchmarks)
  
• Strong analytical, problem-solving, and communication skills
  

• CEH (Certified Ethical Hacker)
  
• CompTIA Security+
  
• ISO/IEC 27001 Certification
  
• Qualys Certified Specialist or equivalent
  
• GIAC Certifications (e.g., GSEC, GPEN)
  
• Microsoft or Linux Security Certifications