Vulnerability Management Engineer
NC, Winston Salem
We are looking for a Vulnerability Management Engineer for a full-time, permanent position with our client in Winston Salem, NC. The Vulnerability Management Engineer's primary focus will be to drive company-wide initiatives, including the Patch and Vulnerability Management program and the Insider Threat program, while contributing to the creation and maintenance of security baselines, web content filtering, controls and compliance management.
Essential Functions and Responsibilities include:
- Scan and analyze networks and systems for security vulnerabilities and configuration issues, including impact assessment, with reference to relevant industry standards (e.g. CVE, CVSS, SCAP).
- Subject matter expertise with Tenable Nessus or comparable vulnerability management toolset.
- Perform threat and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation.
- Excel in an active role on the Patch and Vulnerability Management Group, assisting in the integration of vulnerability scan results into threat prevention and risk management activities.
- Understand and be able to thoroughly communicate current vulnerabilities, incidents, advisories, attacks and countermeasures.
- Experience in coordinating penetration test activities, from statement of work to closing findings and lessons learned.
- Experience enhancing an insider threat program.
- Experience supporting Web filtering, Data Leakage Prevention tools and related processes
- Proactive in recommending continuous improvements as well as new or additional components and techniques that could be used to proactively detect and prevent malicious activity
- Assist in reducing our threat footprint by suggesting network and host-level controls that limit an attacker’s access and alert upon a security event.
- Perform in-depth analysis in support of network monitoring and incident response operations.
- Advanced security monitoring using real-time forensics
- Assess the impact of potentially malicious traffic on customer networks
- Understand the concepts behind the cyber kill chain
- Determine impact of potential intrusions on the network and infrastructure
- Identify intrusion activity by leveraging alert data from multiple sensors and systems and determine priority for response
- Knowledge of current cyber security events
- Knowledge of digital forensics and evidence handling techniques, tools and processes
Minimum Skills & Qualifications:
- Outstanding written and verbal communication skills, with a high degree of professionalism and strict attention to detail when working with Tenable Nessus, ArcSight, EnCase and Websense.
- Must be a seasoned Vulnerability Management Engineer able to proactively manage, upgrade, and improve a centrally managed infrastructure and provide customer support.
- Demonstrated subject matter expertise with vulnerability and patch management, insider threat and incident response.
- Broad knowledge in risk analysis, threat mitigation, and other security domains.
- Understanding of various networking ports, protocols and services.
- Scripting experience (e.g. Perl, Python, Linux shell).
- Network architectures including VLANs, routing, firewalls, load balancers, etc.
- Significant experience with Linux and Windows operating systems, knowledge of virtual environments and APT methodologies.
- Develop and report appropriate metrics (key risk and performance indicators) to measure the monitoring program and related process.
- Candidate should have broad technical knowledge on a number of security technologies and a solid understanding of information and networking security.
- Soft skills such as the ability to build relationships, build consensus, negotiate solutions, and guide customers through their decision process are highly desirable.
Skills & Qualifications:
- Experience with installing and maintaining Tenable Nessus toolset
- 5+ years of experience delivering vulnerability management and engineering support
- 3+ years of experience with security monitoring and incident response tools, such as ArcSight, Forcepoint Websense, Carbon Black or Guidance EnCase.
- Bachelor's degree in engineering, computer science, or a related field with a minimum of 8 years of experience.
- Relevant industry certification, such as CISSP, is desired.
- Ability to work with all levels within the organization.
- Membership with FS-ISAC, US-CERT and other relevant technological knowledge sharing forums is desired.
- Knowledge of ISO27001/ISO31000, NIST 800-61 and similar standards is preferred
- Tenable Certified Security Engineer (TCSE), Tenable Certified PVS Auditor (TCPA), Tenable Certified Nessus Auditor (TCNA) and/or Tenable Certified Nessus User (TCNU) is desired.
- Relevant Forcepoint Websense certifications (DSS, CTEO, CTD, CTWO) are desired.
Qualified candidates should submit a Word-formatted resume to email@example.com