IT Security Lead (Vulnerability Management and PenTest)

Qualys, Server, OS, Servers, CEH (Certified Ethical Hacker), Network, information security, access control, patching systems, zero-day threats, incident response and vulnerability management tools, IT
Contract Corp-To-Corp, Contract Independent, Contract W2, C2H Corp-To-Corp, C2H Independent, 12-18 months +
Market
Telecommuting not available Travel not required

Job Description

IT Security Lead (Vulnerability Management and PenTest)

Long term contract

We are looking for a Lead Security Analyst who is expert in Vulnerability Management (VM) and PenTest who can run the VM implementation end-to-end

Responsibilities:

  • Administers the reporting functions of security monitoring systems, assisting in the identification and creation of appropriate reports for delivery to management.
  • Review all vulnerability scan results to identify all security risks and report on findings to appropriate partners
  • Responsible for researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
  • Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
  • Recommend appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions
  • Validate remediation by reviewing application updates or deployed mitigations to verify resolution.
  • Build effective relationships with stakeholders who own and support applications, IT infrastructure, and operations.
  • Evaluates new and emerging technology while making security recommendations to ensure the risk is controlled at an acceptable level.

 

Qualifications:

  • 6-7 years of deep experience on Vulnerability remediation process on Converged Infrastructure
  • Expert level experience in Vulnerability Management systems and tools like QualysGuard
  • Expert knowledge with information security methodology and tools such as access control, patching systems, zero-day threats, incident response and vulnerability management tools.
  • Advanced Threat Defense
  • Network security, Website security, Application security (SDLC), Server Security, Cyber Security, Internet security experience
  • Two or more of the following certifications: Security+, SANS, CISA, ECSA. CEH or CISSP , CCNA, CCNP certification desired and a plus.
  • Understanding of controls (e.g., access controls, auditing, authentication, encryption, integrity, physical security, and application security).
  • Must be well versed in operating systems such as Linux and Windows, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring, TCP/IP networks and vulnerability and threat management tools (including network based scanners).
  • Experience with vulnerability scanners, vulnerability management systems, patches management, and host based security systems. Host Based Security Systems, patch management.
  • Beneficial if experienced in Database Activity Monitoring Systems (DAM), and Web Application Firewalls (WAF).

 

Keywords: Qualys, Server, OS, Servers, CEH (Certified Ethical Hacker), Network, information security, access control, patching systems, zero-day threats, incident response and vulnerability management tools, IT Security Lead, Cyber Security Lead Engineer, IT Security Architect, IT Security Consultant

 

Please send your resume to hr@tivasys.com

Posted By

111 W. St. John Street San Jose, CA, 95113

Contact
Dice Id : 10230188
Position Id : 599414
Have a Job? Post it

Similar Positions

Information Security Consultant
  • Resource Logistics
  • San Francisco, CA
Security Analyst
  • Prospance Inc.
  • San Jose, CA
Sr Security Analyst
  • Buxton Consulting
  • Pleasanton, CA
Web Applications Security Engineer
  • Saicon Consultants Inc.
  • San Francisco, CA
Security Engineer (Encryption/HSM)
  • WaveStrong, Inc.
  • Pleasanton, CA
Sr. Security Analyst
  • Sapvix
  • Pleasanton, CA
InfoSec Analyst
  • OTM Software Professionals
  • San Jose, CA
Intrusion Detection SIEM Architect / Analyst
  • CSI (Consultant Specialists Inc.)
  • San Francisco, CA
Senior IT Security Analyst (Information Security)
  • Telecare Corporation
  • Alameda, CA
Information Security Analyst
  • Calance US
  • Menlo Park, CA
Security Architect
  • ATMECS
  • San Carlos, CA
Security Architect
  • Denim Group Ltd
  • Foster City, CA
Sr Systems Security Engineer- Crypto/Blockchain
  • Phoenix 2.0, Inc
  • Menlo Park, CA