Description

Summary

Key responsibilities and tasks include:

Analyzing and addressing vulnerabilities, misconfigurations, and flaws associated with organizational networks, systems, and applications (proactively/reactively)
Manage vulnerability scanning results and analysis 
Identify and develop workflow automation to lower identification and response times
Develop dashboards/reports with findings and remediation steps for different audiences/stakeholders 
Support emergency/incident-response activities, as needed
Collaborate with cross functional stakeholders to facilitate information sharing, prioritize risks, and support remediation
Ensure communication and escalation of high risk vulnerabilities to leadership and other stakeholders 
Network design evaluation 
Security analysis of Technical network architecture
Internal/external response for Information security related topics

Role Requirements

Knowledge and experience in Linux / Windows System administration and Virtualization (VMware / Xen)
Knowledge and experience in Hyperscalers (Azure/GCP/AWS) 
Knowledge and experience in network administration of switches, routers and load balancers
Knowledge and experience in information security technologies such as anti-virus, malware detection, firewalls, VPN, IDS, authentication and SIEM
In depth understanding of security concepts, principles and practices related to server systems, OS, software applications, network, cloud and web servers
Experience in EVM tools e.g. Qualys, Nessus, etc.
Broad knowledge of technology attack vectors and exploits
Strong excel/PowerBI skills with the ability to create data analysis reports/dashboards 
Bachelor’s degree in Science, Technology, Engineering, and Mathematics (STEM) disciplines
8+ years of experience with 3+ years in EVM Program
Experience in information security certification and auditing is desired
Knowledge in TTP methods and frameworks is desired
Awareness in third party vulnerability management information sources (e.g. VirusTotal) (Desired)
Eager to learn and explore new information security technologies
Nice to have Security Certifications like CISSP, CISA, CISM, GCFA, GCIH, GCIA, GNFA, GREM, GCCC, or Security+

Education

Any Graduate