The Vulnerability Management Engineer uses various security tooling to identify, classify and track remediation of vulnerabilities in our systems. The Vulnerability Management Engineer is a subject matter expert in systems engineering, network architecture and security tooling, to name but a few. The Vulnerability Management Engineer interacts with other teams to enable prioritization, escalation and remediation of vulnerabilities, as needed. The Vulnerability Management Engineer uses both automated scanners and manual penetration testing to assess the security posture of the environment. The Vulnerability Management Engineer documents policies, standards and processes related to Vulnerability Management, and keeps them current. The Vulnerability Management Engineer keeps track of remediation of vulnerabilities as they are handed off to the other teams.
- The main focus for the position is Vulnerability Management, but a strong knowledge of various security tooling, systems in the cloud, on-prem systems and networking is required, at least on a conceptual level.
- Assists in the review, monitoring and/or auditing of applicable daily Security Log Activity and Events. Takes action as necessary; escalates to senior staff if required. Logs could include, but are not limited to, the following:
  - Vulnerability Scans – Kubernetes/Containers
  - Vulnerability Scans – Database
  - Vulnerability Scans – PCI ASV
  - Active Directory Changes
  - User Activity
  - Netflow Analytics
  - Firewall and ACL Changes
  - DAST Scan Results
  - Group Policy Changes
  - Cloud security tooling
- Where needed, update or create documentation for the overall Vulnerability Management Program, use of security tools, such as SOPs, architecture documentation, ...
- Support our compliance programs (such as PCI) by helping implement and document controls and by examining evidence for compliance with standards.
- Run Scans and Penetration Testing.
Knowledge, Skills and Abilities:
- Prior experience in Vulnerability Management and its related processes and procedures.
- Possess an understanding of PCI Compliance and EU GDPR Requirements
- Strong knowledge of multiple security tools for both Cloud and On-Prem scenarios.
- Good knowledge of AWS (Amazon Web Services), GPC (Google Private Cloud), Azure, or other cloud platforms and related technologies is strongly desired.
- Strong knowledge of SIEM, such as Splunk, and related tooling and automation.
- Strong knowledge of Vulnerability Management solutions.
- Provide support for strategic business process/reengineering consulting as appropriate and work on multiple technically complex high profile projects.
- Demonstrate an understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance.
- General understanding of security fundamentals (cryptography, least privilege, segregation of duties,…) and general security technologies, including operating systems, network security (firewalls, VPNs, etc.), security event management, business continuity, physical security, identity management, directory services, etc.
- Knowledge of Active Directory, DDNS, Group Policy, Microsoft Windows Server and Desktop operating systems
- Strong work ethic, including consistent documentation and tracking of activities.
- Ability to work in a fast-paced, rapidly changing environment and a strong desire to learn
- You are a self-starter, and require only minimal guidance to get results.
Generally requires 3-5 years of experience in the following:
- Experience working with information systems as a system administrator or engineer, security engineer, vulnerability management engineer, or network administrator with at least two of those with direct information security duties
- Experience with cloud, systems, and network security
- Experience with various tooling in the Information Security space
- Experience working with, and setting up alerts and queries in Splunk or other SIEM tools
- Knowledge of IT/Information Security Audit and assessment.
- Knowledge of PCI DSS and EU GDPR.
- Knowledge of researching, analyzing and recommending information security solutions.
- Development and automation experience is a big plus: build your own tools!
- A working knowledge of information security practices and concepts including intrusion detection/prevention, access controls, risk analysis and data encryption.
- Strong organizational skills and excellent written, verbal and interpersonal communication skills are needed to work effectively with a wide variety of staff, outside consultants and vendors.
- Bachelor’s Degree in Information Technology, Information Security, Computer Science, or related field required.
- Advanced industry certification strongly desired, e.g. SANS GIAC, CompTIA Security+, CISSP, CISM, Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH)