Vulnerability Scanning
Duration: 12 months
Location: Remote
Candidates must be W2 and US Citizenship is required. **More targeted for compliance scanning. **Background/experience with compliance standards and frameworks, but vulnerability scanning background is ideal.
We are currently seeking a Vulnerability Scanning Advisor to join our Vulnerability Scanning Team. The ideal candidate will have experience supporting & managing vulnerability scanning tools and technologies in an enterprise environment. The ideal candidate will have strong experience in vulnerability and compliance scanning across multiple environments including onsite, cloud, and containers. The SME will coordinate and mentor the teams follow-the-sun support interactions and act as technical liaison and business coordinator across functional teams and stakeholder efforts to drive vulnerability and compliance scanning operational and architectural innovations for leadership visibility
Key Responsibilities:
• Leads the design, deployment, scheduling, and execution of vulnerability and compliance scanning solutions across the enterprise
• Participates in the creation, review and maintenance of current and proposed processes and procedures and related documentation within the Vulnerability Scanning team.
• Ensure an active assessment capability across all Dell networks and infrastructure together with IT and engineering teams to improve the capability and quality of scanning activities where necessary
• Collaborate with other members of the IA/scanning team on daily issues, diagnose and resolve scanner software problems, and restore normal operation
• Thorough understanding and management of business needs and expectations.
• Adapts and evolves vulnerability scanning processes and procedures based on internal customer or business partner feedback.
• Develops and implements automated and continues scanning techniques to better support IT and application teams
• Exhibits good understanding of vulnerability validation, re-production, and remedy advice and vulnerability research skills.
• Cultivates the practice of staying abreast on latest trends and developments in vulnerability scanning tools and solutions, threat intelligence and remediation activities followed across industry
• Contributes to the vulnerability scanning and tools program through delivery of end results and contribution to future planning based on industry evolution and internal IT and application teams’ requirements.
Functional/technical requirements:
• A degree in Information Technology, Information Security or related major and 5+ years of direct experience in the field of cybersecurity.
• In-depth technical experience with any of the enterprise scanning tools (Nexpose, Tenable IO, Qualys, Twistlock, etc.)
• Ability to understand and consult on CIS and DISA STIG benchmarks
• Knowledge of FedRAMP, FISMA compliance methodologies
• Understanding and knowledge of OWASP tools and methodologies and security attack vectors.
• Experience in threat and vulnerability management, and penetration testing
• Experience with programming and scripting languages and frameworks (such as Python, Powershell, Splunk/Phantom, etc.)
• Good technical aptitude, problem solving and ability to quickly learn and master new topics and domains.
• Candidates must be able to work independently and demonstrate exceptional organizational and time management skills
• Understands what escalations are, and how to deal with them.
• Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues.
• Collaborative / team player, self-driven, independent and customer-oriented
• Excellent verbal, written and communication skills
• CISSP or similar certification advantageous.