Define vulnerability intake and triage expectations.
Security Operations Support
Vulnerability Management Review
A governance-focused review of vulnerability intake, prioritization, remediation ownership, and reporting cadence.
- Organization
- Cybersecurity Internship Portfolio
- Duration
- 2 weeks
- Project Type
- Security Operations Support
Business Context
Why the work mattered
Vulnerability work requires more than scanning. This project reviewed the process governance needed to prioritize, assign, track, and report remediation activity.
Objectives
Engagement goals
Prioritize remediation by business context and severity.
Document ownership and target timelines.
Create a reporting model for leadership visibility.
Methodology
Structured process
The methodology explains how the work moved from context gathering to documented recommendations.
Step 1
Process Mapping
Understand how findings move from detection to closure.
Mapped intake, validation, prioritization, assignment, remediation, and verification steps.
Step 2
Prioritization
Connect technical severity to business risk.
Considered asset criticality, exploitability, exposure, and compensating controls.
Step 3
Reporting
Support accountability and trend visibility.
Defined metrics, escalation triggers, and review cadence.
Deliverables
Artifacts produced
Vulnerability Governance Checklist
Checklist for intake, ownership, remediation, and exception handling.
Improves consistency and accountability in vulnerability workflows.
Skills Demonstrated
Professional competencies
Outcomes
Project impact
- The remediation process became easier to explain and govern.
- Prioritization was linked to business context rather than severity alone.
Lessons Learned
Professional growth
Related Projects
Continue exploring

Governance
Governance Policy Development
A structured policy development engagement aligning security expectations with business objectives and recognized frameworks.

Internal Audit
Internal Cybersecurity Audit
An internal assessment that reviewed security controls, documented gaps, and produced a prioritized remediation roadmap.

Risk Management
Enterprise Risk Assessment
A risk assessment project documenting assets, threats, likelihood, impact, and treatment options for management review.
Discuss GRC opportunities
Contact Osen after reviewing this project or download the resume for a concise overview.