Job Description :
Position: Rapid7 Nexpose Engineer

Domain: Retail

Location: Malvern, PA

Duration: 3+ Months

Experience Required : 2 to 3 years

Job Description:

Managing vulnerability assignments, including assigning vulnerabilities to individual teams, changing assignments as teams report back on incorrect assignments, bringing disputed assignments to a technical group (core team) or management, and updating Nexpose tags to reflect system ownership.
Addressing false positives, including obtaining and reviewing appropriate documentation from teams to confirm false positive, validating purported false positives when necessary and possible, reporting "real" false positives to Rapid7 for resolution, and creating exceptions for false positives.
Assisting teams with vulnerability resolution, including providing assistance researching vulnerabilities and solutions (the primary responsibility lies with the system owner, not this role), proactively searching for and addressing false positives to reduce system owners'' workloads, performing confirmation scans when appropriate, meeting regularly with remediation team, and building reports to provide teams with necessary data.
Assisting teams with tracking remediation approaches within Nexpose or Excel.
Review and advise on existing reports and suggest reports that would solve current business use cases as well as factor the relevant KPIs and metrics to track Vulnerability Management program
Assist with the setup, configuration and best practice usage of the Analytics Dashboard to display and track relevant/appropriate KPI as well operationalize the use of Remediation projects to drive remediation endeavors at
Assist with identifying integration opportunities with tools for patch management, ticketing and asset tagging
– Implement and/or develop plans on how these tools can be integrated with Nexpose
Runbook creation to capture Nexpose setup, architecture and vulnerability management best practices
– Capturing Nexpose architecture and configurations
– Remediation best practices and associate SLAs
– Reporting workflows that are in place to deliver data to technical and executive teams
– Vulnerability exceptions workflow
Other tasks as needed, such as:
Managing and adapting the scan schedule
Managing permissions and access to the product
Performing authenticated and unauthenticated vulnerability scanning
Troubleshooting and debugging scans
Tuning, maintenance and updating of the product and associated hardware
Support any “Critical” vulnerability response actions across the enterprise
Generating and delivering applicable reports as needed by


Client : Judge Group