Sony Vulnerability Management Engineer 

Singapore 

100055186

The conversation starts here. If this role matches your ambitions and skillset,. Take a look at our other open positions too. Ourcan lead to.

What you will be doing

• Perform open-source research and analysis to identify newly disclosed vulnerabilities and emerging exploit techniques.
• Maintain awareness of the latest vulnerabilities, CVEs, misconfigurations, and exploitation trends.
• Write and distribute security advisories on critical vulnerabilities, including mitigation guidance and potential impact analysis.
• Identify and improve the process for collecting, analyzing, and prioritizing vulnerability data.
• Conduct regular assessments of vulnerability management tools and workflows to ensure effectiveness and efficiency.
• Create and update documentation for vulnerability management processes, tooling, and remediation workflows.
• Provide training and support to team members on the use of vulnerability scanning and assessment tools.
• Prepare detailed vulnerability assessment reports, risk analyses, and briefings for GSIRT and relevant stakeholders.
• Support projects to improve vulnerability identification, risk scoring, and remediation tracking processes.
• Leverage threat intelligence to assess and prioritize vulnerabilities based on exploitability, active exploitation, and potential business impact.
• Collaborate with other Security and Incident Response Teams to support coordinated remediation and risk mitigation efforts.

What you should have

• Minimum of 3 years’ experience in Information Technology or relevant education (bachelor’s degree) in a related subject.
• Proven experience in vulnerability management, assessment, and remediation.
• Familiarity with scripting or basic programming (e.g., Python, PowerShell) to support vulnerability analysis and reporting tasks.
• Understanding of system and network security principles, vulnerability exploitation methods, and patch management practices.
• Basic understanding of vulnerability management frameworks and standards (e.g., CVSS, NVD, OWASP Top 10).
• Experience analyzing and correlating vulnerability data to inform risk-based remediation strategies and strengthen the organization’s security posture.
• Familiarity with vulnerability scanning and management tools (e.g., Qualys, Tenable, Rapid7).
• Strong work ethic and commitment to accomplish assigned tasks with a sense of urgency.
• Good communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear, business-relevant language.

Benefits you will have

• Flexible work arrangement (because we understand Life happens)
• Comprehensive medical benefits (including physical health screenings and term life insurance benefits)
• AWS and variable bonus
• Special staff purchase rates
• Flexible benefits (so you can claim for that staycay or gym membership you’ve been eyeing)
• Corporate social responsibility time off for 1 day each year to volunteer for a charity of your choice
• Milestone gifts (such as long service award and marriage gift because we want to celebrate both your professional and personal milestones)
• Wellness activities to promote healthy lifestyles
• Curated training programmes to encourage continuous professional development