Vulnerability Management Engineer
12 Months Contract with Possible extension
HYBRID in (BURBANK, SEATTLE, ORLANDO, NEW YORK OR BRISTOL)
Overview:
The Global Information Security (GIS) group provides services and solutions to protect the value and use of client's information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives.
- Provide operational support for security initiatives through the application of automation to vulnerability management processes
- Lead special projects as demanded by industry developments such as authoring methods of vulnerability detection
- Introduce new technologies to support process improvement and efficiency gains to EVM services
- Lead remediation campaigns for critical vulnerability remediation
- Serve as a point of contact for technical issues for EVM supporting technologies
- Coordinate and facilitate team training activities to enhance team skills and capabilities
- Validate vulnerabilities remediated, including verification of ability to verify false positives
- Perform barrier analysis on vulnerability remediation and work with Information Security and Operations teams to identify and recommend corrective measures
- Support execution of vulnerability management program through meeting facilitation, activity measurement, customer engagement, and program education
- Identify and execute on continuous improvement and expansion opportunities for enterprise vulnerability management services
- Perform data analysis of diverse and historical data sets in support of vulnerability management project and program decisions
- Evangelize the vulnerability management program and facilitate customer collaboration for program improvement
Basic Qualifications
- Analysis of known and emerging threats to determine risks against business assets
- Creation, maintenance, governance and communication of security policies and standards across the org
- Assessment and audit of compliance against the security policies and standards
- Assurance that assets are effectively managed and monitored to meet security criteria
- Manage end-to-end Enterprise Vulnerability Management (EVM) process with a focus on the segment
- Monitor and track results of vulnerability detection tooling and research remediation actions
- Validate in place mitigations for effectiveness for risk reduction
- Act as Change Manager per segment process to ensure mitigation/remediation actions are tested, validated, and approved per business process
- Perform hands on validation through manual testing techniques
- Author scripts to perform automated vulnerability validation to ensure that remediation resources are prioritized effectively
- Analyze and understand segment capabilities and ensure that minimum vulnerability controls are adhered to in the most efficient manner
- Perform data analysis of vulnerability tooling output to determine where to focus remediation resources
- Prepare weekly vulnerability reporting and meet with asset owners to prioritize remediation resources
Compensation:
The estimated pay range for this position is USD $70.00/hr - $77.50/hr and is an Exempt role.
Exact compensation and offers of employment are dependent on circumstances of each case and will be determined based on job-related knowledge, skills, experience, licenses or certifications, and location.
Benefits:
We offer comprehensive benefit options which vary depending on role, location, and employment type. The Talent Acquisition Partner can share more details about compensation or benefits for the specific role during the hiring process.