Your Responsibilities in this Role:

· Building and growing a next-generation vulnerability management program

· Providing remediation guidance and recommendations and coordinate with the Technology organization, IT and other teams as needed to provide oversight to the remediation and/or mitigation of enterprise vulnerabilities.

· Evaluate and deploy vulnerability reporting solution to aggregate and centralize all infrastructure, application, and container vulnerabilities.

· Extensive Windows, Mac, and Linux experience and common configuration deficiencies

· Thorough understanding of desktop, server, application, database, and network security hardening principles and practices for threat prevention

· Develop vulnerability reports and scorecards that define the current state of the corporate network security risk posture.

· Perform research and analysis of scheduled and on demand vulnerability assessments and post results.

· Research exploit techniques and mitigation strategies.

· Perform analysis of asset and vulnerability information to identify risks that were not discovered via automated scanning

· Troubleshoot issues that may occur during automated network scanning, and or agent scans.

· Review public and private vulnerability notifications/disclosures, consume research findings and prioritize remediation efforts.

· Integrate vulnerability management tools with other systems, such as CMDB, SIEM, and Archer, PowerBI.

· Assist with implementing policy compliance tools to monitor compliance against CIS and other industry related benchmarks.

· Assist with implementation of IoT and OT security solution to Client and secure unmanaged assets.

· Develop rules to identify non-compliant resources in our cloud environments and create automations to remediate the non-compliant resources.

Quals--

What are We Looking for?

· 5+ years of experience in Qualys (VMDR), Policy Compliance and Vulnerability Management.

· 2+ years of experience in Kenna Security, Vulcan, or equivalent solution.

· Scripting experience with PowerShell, python, rest API.

· Experience developing reports in MS PowerBI.

· Experience working with IoT/OT technology.

· Working knowledge of cloud environments such as AWS, GCP, and Azure.

· Bachelor’s degree in Information Security, Information Technology or Computer Science.

· Knowledge of vulnerability management, policy compliance, and web application scanning solutions.

· Basic understanding of regulatory structures such as PCI, PII, and GDPR.

· Creative and adaptive work ethic, with a strong customer-oriented attitude.

· Ability to clearly communicate and present to various levels of the organization

· Strong organizational and analytical skills with attention to detail

· Independent and self-motivated and very thorough work ethic

· Ability to identify gaps in process and develop solutions

· Experience crafting tools to improve efficiency performing routine tasks

· Experience with Excel functions and extracting data using multiple criteria

· Understanding of Vulnerability Management holistically as a program

Equal opportunity employer including disability/veterans.