Overview
Skills
Job Details
Vulnerability Management Integration Engineer
Remote job
Eastern or Central hours preferred
Backfill role
A Vulnerability Management Integration Engineer is needed for an immediate remote contract opportunity. The role will work with security vendors and internal teams to ensure. Brinq a platform is configured and optimized. Specific tasks could include:
Onboarding additional data sources:
Tanium
AWS Inspector
Google Cloud Platform/AWS Asset Data
Google Cloud Platform
Azure
HackerOne
OnSpring
InfoBlox
Verizon NWPT Findings
Synopsys Pen Test Findings
Consolidation and normalization to build unified inventory
Contextualize and enrich data with business context and threat intelligence
Organize data into logical groups based on client reporting needs
Adjust prioritization by turning risk factors based on client SLA
Enable remediation with ticketing automation
Configure dashboards and advanced analytics
Documentation and team knowledge transfer
Develop and maintain playbooks for automated vulnerability data ingestion, normalization, and prioritization within VM tool(s), ensuring data consistency across all sources, including cloud workloads and data center assets
Analyze threat intelligence feeds and update VM configurations to prioritize vulnerabilities based on exploitability and real-world threats, reflected within the vulnerability aggregation platform and considering both cloud-specific and data center-specific risks.
Collaborate with security engineers, cloud architects, IT operations teams, and data center administrators to ensure smooth integration and data exchange between cloud vulnerability scanning solutions, data center vulnerability scanners, and other security tools
Create and maintain reports on vulnerability trends, remediation progress, and overall program effectiveness using VM reporting capabilities, incorporating data from cloud-based scans, data center scans, and the vulnerability aggregation platform(s) for a comprehensive view on a weekly (or biweekly) basis as requested.
Stay up-to-date on the latest vulnerability management best practices, emerging threats, new features of vulnerability aggregation platforms (Brinqa, and similar platforms), and security considerations for both cloud and data center environments
Assist with the development and implementation of vulnerability management policies and procedures, including those specific to cloud and data center environments
Work with cross functional teams on priority vulnerability tracking and remediation follow up
Develop ITSM Ticketing Workflows for Ownership Updates and other use cases
Qualifications:
This person will need to be well versed in JIRA and be willing to keep tickets and stories VERY updated, along with communicate with multiple different people on a daily basis and stick to tight timelines.
A weekly status report delivered each Friday afternoon is mandatory.
Active communication and stakeholder engagement is mandatory.
Time-bound JIRA stories must be completed before the due date.
Any issues that could potentially affect timeframes (lack of response, etc.) must be promptly escalated to management.