Dublin, CA | Direct Hire
Security Engineer (Vulnerability Management)
Location: Dublin, CA
Job Duration: FULL TIME
Principal Duties and Responsibilities include but are not limited to:
- Monitors current and proposed laws, regulations (e.g. PCI, SOX, HIPAA) and industry standards related to vulnerability management, so that the Company is warned in advance and is ready to be fully compliant with these requirements.
- Assists in developing action plans, schedules, budgets, status and metrics reports, as well as other management communications intended to improve the existing vulnerability management program at the company.
- Responsible for maintaining vulnerability scan tools, their integration with various intelligence feeds and downstream workflow management tools, and the automation of scanning and reporting.
- Coordinates work efforts with other teams such as patch team, infrastructure management, security operations, governance & risk. Communicates project and operational metrics.
- Responsible for executing network and infrastructure vulnerability scans, working with cross-functional teams to evaluate the appropriate risk, recommending appropriate remediation solutions for identified vulnerabilities and tracking remediation.
- Stays informed about the latest developments in the information security field, including the latest vulnerabilities and new products and services, through online news services, technical magazines, professional association memberships, industry conferences, special training seminars, and other methods.
- Knowledge of OWASP framework and application security best practices.
- Excellent understanding of network, system and application security.
- Understanding of industry best practices for Vulnerability Management.
- Demonstrated experience mapping business processes and comparing those processes to industry best practices.
- Ability to work closely with Business and development, and an understanding of the balance between Business and Security requirements.
- Knowledge of various vulnerability scanning solutions, scripting and automation.