Rapid7 InsightVM – BAU Operations & Delivery Specialist Department Cybersecurity / Vulnerability Management 1. Role Purpose The Rapid7 InsightVM BAU Operations & Delivery Specialist is responsible for maintaining and optimizing the organisation’s vulnerability management operations. This role oversees day-to-day scanning, reporting, remediation coordination, and delivery of continuous vulnerability risk reduction across on-premise, cloud, and hybrid environments. 2. Key Responsibilities Administer and maintain Rapid7 InsightVM components, including scan engines, consoles, and site configuration. Execute scheduled and on-demand vulnerability scans across servers, endpoints, cloud workloads, and network devices. Validate results, eliminate false positives, and assign remediation actions to relevant asset owners. Track remediation progress and ensure adherence to defined SLAs. Develop and distribute vulnerability reports and dashboards for technical teams and leadership. Create and manage automated policies, tags, and dynamic asset groups within InsightVM. Collaborate with patch management, infrastructure, DevOps, and application teams to plan remediation activities. Support vulnerability assessments for new systems, deployments, or third-party integrations. Maintain Standard Operating Procedures (SOPs), runbooks, and documentation. Present vulnerability insights, trends, and risk posture to management and governance forums. 3. Required Skills & Experience Proven hands-on experience with Rapid7 InsightVM / Nexpose in an enterprise environment. Strong understanding of vulnerability assessment, CVSS scoring, and remediation workflows. Knowledge of Windows, Linux, network devices, and cloud platforms (AWS, Azure, GCP). Experience working with patch management platforms (e.g. SCCM, Intune, BigFix, Tanium, WSUS). Ability to interpret vulnerability data and communicate clearly with both technical and non-technical stakeholders. 4. Preferred Qualifications Certifications such as Rapid7 VM Certified Professional, CompTIA Security, CEH, CYSA, CISSP (or equivalent). Experience with automation using PowerShell or Python . Familiarity with ServiceNow or similar ITSM/ticketing tools. Exposure to compliance frameworks such as ISO 27001, PCI-DSS, or CIS Controls. 5. Core Competencies Strong stakeholder engagement and coordination. Analytical mindset with high attention to detail. Ability to work independently while managing multiple concurrent tasks. Clear communication and documentation skills. 6. Reporting Line Reports To: Vulnerability Management Lead / Cybersecurity Operations Manager