Information Security Engineer - Vulnerability Management III

Job title: Information Security Engineer - Vulnerability Management III

Location: Remote

Duration: 6 months+
Job Summary: Responsible for performing all functions required to support day-to-day data security operations and accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents.
Primary Responsibilities:

• Define, deliver, and support enterprise security tools and architecture in collaboration with other teams.
• Enhance the client s network vulnerability management program for in-scope subsidiaries and affiliates.
• Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program.
• Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities.
• Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation.
• Proactively monitor and investigate security alerts from managed security service providers and in-house security tools.
• Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems.
• Support ad hoc requests for reporting and control evidence, as needed.
• Perform threat analysis and incident response by interpreting events.
• Support the client s operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program.
• Share knowledge and industry best practices with team members.
• Serve as a security engineer/consultant on projects.

TECHNICAL SKILLS
Must Have Skills:

• Brinqa
• Lead and Implementation Experience
• Performing referral to principle
• Security
• Excellent communication and presentation skills with a proven background of presenting to senior leaders, large groups, etc. on relevant matters pertaining to large projects and impacting key functionality
• Proven consistent experience in vulnerability management, security engineering, security consulting etc.
• Proven experience with proactive threat management, research, escalation, discovery etc
• Solid understanding of popular security tooling and understanding of security architecture/interconnectedness of processes and tooling.

Nice to Have Skills:

• CISSP, CISA, CISM, AWS Solutions Architect certifications
• GRC/Audit management experience
• Scripting/automation experience - python preferred
• Solid proven experience with tooling such as Qualys, Brinqa, Archer, ServiceNOW, Checkmarx, Prisma (and any AWS experience is great as well)

Thank you!