Information Security Engineer - Vulnerability Management

About The Position

Requirements

• Bachelor's degree in Computer Science, Computer Engineering, or related discipline required.
• Minimum 4 years of related experience or equivalent combination of education and related experience required.
• Microsoft Windows Server systems hardening, auditing and logging
• Linux Operating Systems
• Vulnerability Management Programs
• Supporting a organization with threat analysis
• Demonstrate advanced understanding of the principles of vulnerability assessments
• Vulnerability assessment tools (Qualys)
• Strong verbal and written communications skills with the ability to explain technical issues to non-technical audiences
• Strong team player with a willingness to share information and train others; act as a mentor to less seasoned team members
• Self-starter, with the ability to work with minimal direct supervision
• Highly organized and capable of prioritizing work loads
• Experienced in developing and presenting solution recommendations
• Participation in on-call rotations is required
• Ability to travel to on-site meetings ~2x/year.

Nice To Haves

• Project Management skills a plus
• A sense of unparalleled passion, energy, and eagerness to contribute to and support the mission of the Red Cross
• Combination of candidate’s education and general experience satisfies requirements so long as the total years equate to description’s minimum education and general experience years combined (Management experience cannot be substituted).

Responsibilities

• Collaborate with InfoSec engineers to review, assess and provide remediation recommendations regarding discovered vulnerabilities and their potential impact to the organization.
• Communicate with system owners the recommended remediation actions providing a comprehensive remediation solution as a collaborative effort to lower the risks to the organization.
• Establish communications with the organization for the release of newly identified vulnerabilities.
• Conduct research and evaluate technical and cyber threat intelligence to develop in-depth analysis and assessment on threats to vulnerabilities
• Track progress of vulnerability remediation with responsible system owners and/or support teams.
• Coordination with system owners to ensure remediation efforts are consistent with policy and escalate instances of non-compliance.
• Provide organizational vulnerability reporting to leadership with tracking, remediation efforts, etc.
• Respond to cyber security incidents
• Typically has other unit-specific duties within the scope of the job

Benefits

• Medical, Dental Vision plans
• Health Spending Accounts & Flexible Spending Accounts
• PTO: Starting at 19 days a year; based on type of job and tenure
• Holidays: 11 paid holidays comprised of six core holidays and five floating holidays
• 401K with up to 6% match
• Paid Family Leave
• Employee Assistance
• Disability and Insurance: Short + Long Term
• Service Awards and recognition