Your Responsibilities in this Role:

Building and growing a next-generation vulnerability management program

Providing remediation guidance and recommendations and coordinate with the Technology organization, IT and other teams as needed to provide oversight to the remediation and/or mitigation of enterprise vulnerabilities.

Evaluate and deploy vulnerability reporting solution to aggregate and centralize all infrastructure, application, and container vulnerabilities.

Extensive Windows, Mac, and Linux experience and common configuration deficiencies

Thorough understanding of desktop, server, application, database, and network security hardening principles and practices for threat prevention

Develop vulnerability reports and scorecards that define the current state of the corporate network security risk posture.

Perform research and analysis of scheduled and on demand vulnerability assessments and post results.

Research exploit techniques and mitigation strategies.

Perform analysis of asset and vulnerability information to identify risks that were not discovered via automated scanning

Troubleshoot issues that may occur during automated network scanning, and or agent scans.

Review public and private vulnerability notifications/disclosures, consume research findings and prioritize remediation efforts.

Integrate vulnerability management tools with other systems, such as CMDB, SIEM, and Archer, PowerBI.

Assist with implementing policy compliance tools to monitor compliance against CIS and other industry related benchmarks.

Assist with implementation of IoT and OT security solution to Client and secure unmanaged assets.

Develop rules to identify non-compliant resources in our cloud environments and create automations to remediate the non-compliant resources.

Quals-- What are We Looking for?

5+ years of experience in Qualys (VMDR), Policy Compliance and Vulnerability Management.

2+ years of experience in Kenna Security, Vulcan, or equivalent solution.

Scripting experience with PowerShell, python, rest API.

Experience developing reports in MS PowerBI.

Experience working with IoT/OT technology.

Working knowledge of cloud environments such as AWS, GCP, and Azure.

Bachelors degree in Information Security, Information Technology or Computer Science.

Knowledge of vulnerability management, policy compliance, and web application scanning solutions.

Basic understanding of regulatory structures such as PCI, PII, and GDPR.

Creative and adaptive work ethic, with a strong customer-oriented attitude.

Ability to clearly communicate and present to various levels of the organization

Strong organizational and analytical skills with attention to detail

Independent and self-motivated and very thorough work ethic

Ability to identify gaps in process and develop solutions

Experience crafting tools to improve efficiency performing routine tasks

Experience with Excel functions and extracting data using multiple criteria

Understanding of Vulnerability Management holistically as a program.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. NLB is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, contact HR department by sending an e-mail to notifications@nlbservices.com.