You are here
Security Vulnerability Engineer | Threat Management
About Our Client
The Vulnerability and Threat Management Team is tasked with continually improving the security posture through the analysis of vulnerability and threat data, responding appropriately to the results of such analysis, providing security-related guidance, developing security policies and evangelizing security matters throughout the company.
- Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration or destruction of customer information or customer information systems
- Produce vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
- Recommend security controls and/or corrective actions for mitigating technical and business risk.
- Analyze threat and vulnerability feeds and analyze data for applicability
- Conduct vulnerability assessments, red teaming and penetration testing to identify weaknesses and countermeasures.
- Perform attack surface reviews and multilayer defense systems to prevent exploits, detect and intercept attacks, and discover threat agents
- Leverage software tools to aid in the discovery and removal of vulnerabilities in a system
- Work with both external vendors and other SRM groups to coordinate and conduct schedule and ad-hoc testing
The Successful Applicant
- 5+ years of experience in performing vulnerability assessments and penetration tests
- Experience running & managing automated vulnerability scanning and related tools
- Knowledge of standard vulnerability & exploit framework (ex: CVSS, OWASP Top 10)
- Experience securing multiple platforms and operating systems
- Expertise of industry standard threat and vulnerability controls
- Solid understanding of network design and architecture
- An understanding of security frameworks: ISO 2700X, NIST, CIS
- Bachelor's degree in a related field and/or a minimum of 5 years of equivalent experience
- Information Security and control certifications preferred (CISSP, SSCP, GIAC, CEH, SECURITY+)
What's on Offer
Basic + Bonus