Sr. Specialist, Security Engineer
About The Position
The Sr. Specialist, Security Engineer (Vulnerability Management Engineer) protects the organization's information assets and technology infrastructure by implementing security controls, monitoring for threats, and responding to incidents. This role ensures compliance with relevant security policies and regulatory requirements while safeguarding the confidentiality, integrity, and availability of data, supporting the company’s ability to operate securely and meet its business objectives. More specifically, you will: Monitor Security Systems: Continuously monitor security systems and logs to detect and respond to security incidents promptly and effectively. Manage Vulnerabilities: Identify, assess, and remediate vulnerabilities in systems and applications through regular testing and patching, conducts vulnerability scans, maintains tools, generates metrics, and consults on remediation, maintain assets and perform remediation, Own the process, application, or IT asset and are accountable for remediation, Management of the vulnerability lifecycle, including scanning, remediation, and patching governance Implement and Maintain Security Tools: Deploy and manage security tools, such as Service Now VR, Qualys, MS defender, Intune, SCCM. Metrics: Come up with smart metrics to analyze the Vulnerabilities trend in the company environment. Strong hold on Qualys queries focused on defining vulnerability management metrics, including tracking outstanding, new, and fixed vulnerabilities, asset inventory breakdowns (end-of-life vs. non-end-of-life), and team-wise vulnerability metrics. Develop Policy and Procedures: Create, update and enforce security policies, standards, and procedures to ensure consistent security practices across the organization.
Requirements
- Knowledge Cybersecurity frameworks and standards (e.g., NIST, ISO 27001)
- Network security principles and protocols
- Security tools and technologies (e.g., Qualys, Service Now VR, SCCM, MS Intune, Patching tools)
- Skills Incident response and handling
- Vulnerability assessment and penetration testing
- Analytical and problem-solving skills
- Excellent written and verbal communication
- Interpersonal skills
- Technical proficiency in security tools and systems
- Mindsets Proactive
- Detail-oriented
- Adaptable and resilient
- Collaborative
- Continuous learning and improvement
- Bachelor's degree in Computer Science, Information Security, or a related field (required)
- Security certifications such as CompTIA Security+, CEH, or equivalent (required)
- 3+ years of experience in IT security or a related role (required)
Nice To Haves
- Master's degree in Information Security, Cybersecurity, or related field (preferred)
- Advanced certifications such as CISSP, CISM, or OSCP (preferred)
- 5+ years of experience in IT security (preferred)
- Experience with enterprise security tools and frameworks (preferred)
- Proven track record in policy development and risk mitigation (preferred)
Responsibilities
- Monitor Security Systems
- Manage Vulnerabilities
- Implement and Maintain Security Tools
- Metrics
- Develop Policy and Procedures
Benefits
- Multiple Healthcare plan choices
- Dental and vision insurance
- A 401(k) plan with company and matching contributions
- Short- and Long-Term Disability
- Life, AD&D, and Voluntary Insurance plans
- Paid holidays & vacation
- Floating days off
- Parental leave for new parents
- Employee resource groups
- Learning & development programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
