Job Description :

Position's Contributions to Work Group:

Job Duties/Responsibilities:

• Perform vulnerability scanning & assessments of systems and networks and identify where those systems or networks deviate from acceptable technical security baselines and enterprise vulnerability management policy requirements.

• Provide support of operational tools and methods for identifying and communicating vulnerable items for Vulnerability Management.

• Assist with the integration of existing security tools & data into vulnerability management workflow solution (i.e. ServiceNow)

• Maintenance and configuration of API’s for creating vulnerability groups in ServiceNow

• Develop and maintain workflows in ServiceNow related to vulnerability management remediation processes.

• Interface with IT Operations staff and leadership to drive efficiency into vulnerability management processes in ServiceNow

• Provide input and support to leaders and peers from architecture, engineering, and IT operations on architecting tools and solutions related to vulnerability and secure configuration management.

• Interface with IT operational teams to influence and prioritize remediation of identified vulnerabilities

• Obtain and maintain knowledge on existing security procedures and directives related to vulnerability management


Education Requirement:

• Bachelor (4 year) degree in Security Engineering/Architecture, Computer Science, Cybersecurity or a related field

• 3-5 years of Cybersecurity, Risk Management, Information Technology experience preferably with an Enterprise Vulnerability Management Team

• One or more professional information security certification from an accredited institution (CISSP, CCSP, CSSLP, CISM, GISCP, GWAPT, GWEB etc.)

• Other vendor certifications such as Qualys are preferred, but not required.


Critical Technical Skills:

• Strong/proficient knowledge of Qualys, including configuration and maintenance, scan execution, cloud agent deployment and oversight.

• Detailed knowledge of the Vulnerability Management process including vulnerability identification, false-negative/positives identification & elimination

• Knowledge of Python or Perl

• ServiceNow development experience

• Experience with vulnerability management tools such as Qualys

• Experience with Vulnerability Response Module in ServiceNow or other ServiceNow module experience.

• Experience developing/troubleshooting automation scripts

• 1-3 years of REST API integration

• 5+ years of Information Security Knowledge of Information Security, IT Risks and Controls assessment.

• Knowledge of information security frameworks, ISO 27001, 27002, NIST CSF, NIST 800-82.

• Knowledge of Cybersecurity risks associated with vulnerability testing, patch management, and secure configuration management.

• Superior Knowledge of CVSS vulnerability metrics


Soft Skills Required:

• Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively.

• Exhibit strong influencing / negotiation skills as well as written/verbal communication skills and presentation skills.

• Ability to work with and influence developers, development managers, project managers, technology peers, and business contacts are required.

• Strong problem solving/analytical skills.


Similar Jobs you may be interested in ..