Information Security Engineer - Vulnerability Management
About The Position
We are actively seeking and experienced Vulnerability Management Analyst to join our Information Security team. In this role, you will be responsible for monitoring and reviewing vulnerability and compliance scan results. Performing detailed research and analysis of scheduled and on demand vulnerability assessments and post results to the system owners. Communicating to the leadership the vulnerability posture of the organization assisting the organization with lowering the overall risk posture for threats to the systems and data. Qualified candidates will have a background in security or systems engineering. The work location for this position is remote. While the position can be worked from anywhere in the United States.
Requirements
- Technical skills with Microsoft Windows Server systems hardening, auditing and logging
- Technical Experience working with Linux Operating Systems
- Experience with Vulnerability Management Programs and supporting a organization with threat analysis
- Demonstrate advanced understanding of the principles of vulnerability assessments
- Experience with Vulnerability assessment tools (Qualys)
- Strong verbal and written communications skills with the ability to explain technical issues to non-technical audiences
- Must be a strong team player with a willingness to share information and train others; act as a mentor to less seasoned team members
- Must be a self-starter, with the ability to work with minimal direct supervision
- Must be highly organized and capable of prioritizing work loads
- Must be experienced in developing and presenting solution recommendations
- Occasional after-hours work, 5%
- Travel and participation in on-call rotations is required
- 4-year college degree or equivalent combination of education and experience
- Computer Science, Computer Engineering, or related field
- Minimum 1 to 3 years required
Nice To Haves
- Project Management skills a plus
Responsibilities
- Collaborate with InfoSec engineers to review, assess and provide remediation recommendations regarding discovered vulnerabilities and their potential impact to the organization.
- Communicate with system owners the recommended remediation actions providing a comprehensive remediation solution as a collaborative effort to lower the risks to the organization.
- Establish communications with the organization for the release of newly identified vulnerabilities.
- Conduct research and evaluate technical and cyber threat intelligence to develop in-depth analysis and assessment on threats to vulnerabilities
- Track progress of vulnerability remediation with responsible system owners and/or support teams.
- Coordination with system owners to ensure remediation efforts are consistent with policy and escalate instances of non-compliance.
- Provide organizational vulnerability reporting to leadership with tracking, remediation efforts, etc.
- Respond to cyber security incidents
- Typically has other unit-specific duties within the scope of the job
Benefits
- Medical, Dental Vision plans
- Health Spending Accounts & Flexible Spending Accounts
- PTO: Starting at 19 days a year; based on type of job and tenure
- Holidays: 11 paid holidays comprised of six core holidays and five floating holidays
- 401K with up to 6% match
- Paid Family Leave
- Employee Assistance
- Disability and Insurance: Short + Long Term
- Service Awards and recognition
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
Associate degree
