Search Jobs
Search by job, company or skills
Search by job, company or skills
The Security Vulnerability Management Engineer will work within a multinational team of both internal and external analysts to support key vulnerability management initiatives that minimize security weaknesses in the information technology environment and drive vulnerability remediation across RRD Globally.
The Security Vulnerability Management Engineer will play a key role in the larger effort to accelerate the current process and champion vulnerability management best practices as the Cybersecurity program continues to advance in scope and effectiveness.
This is an excellent opportunity for an experienced Security Engineer to join our Growing Cyber Security team.
Contribute to the design and execution of our vulnerability management program, with a special emphasis on identifying system and application vulnerabilities.
Serve as a subject matter expert on application and system vulnerabilities, and management of threats due to system weaknesses.
Drive the responsibility for reviewing vulnerability data from multiple tools and sources across multiple technologies and a changing environment including infrastructure and applications to determine risk rating of vulnerabilities to business assets.
Effectively communicate discovered vulnerabilities and associated risks to stakeholders and assist in the planning and execution of remediation efforts.
Analyze vulnerability data to identify patterns, trends, and root cause problems, providing actionable insights for security enhancements.
Apply risk treatment strategies to identified vulnerabilities that cannot be remediated through regular means.
Support in improving and automating existing vulnerability management lifecycle. Including but not limited, data ingestion normalization, compliance metrics and detections on assets.
Assist in providing support and resolution for scanning and vulnerability remediation reporting issues.
Provide technical support for vulnerability management projects.
Provides analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving roadblocks.
Assist in ensuring scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
Assist in interfacing with third-party vendors and other RRD Business units in improving the overall scanning process.
Lead efforts to maintain patch and vulnerability management best practices to protect against exploitation of critical application and system vulnerabilities.
Technology Specific Skills and Other Requirements for this role include:
Bachelor degree in Computer Science, Information Systems or discipline related to functional work or role with 3 to 5 years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience.
We are looking for a highly motivated and talented analyst with a passion for Vulnerability Management.
The ideal candidate will have experience supporting and managing vulnerability management activities in large enterprise environments.
Need strong organization, coordination and negotiation skills to engage with other global and member firm teams.
Sound knowledge of common infrastructure and web application vulnerabilities and common vulnerability categorizations such as CVE, CVSS, CWE
Sound knowledge of common vulnerability identification remediation tools, such as Rapid7/Nessus/Qualys, Kenna, Tenable, RiskIQ, Microsoft SCCM and IBM BigFix/Tanium etc
Secure DevOps experience would be a plus
He or She should have a strong understanding of security operations concepts, vulnerability management and incident remediation within a complex global organization.
Must have excellent communication skills; both verbal and written.
Relevant Security certifications like CEH, CISSP etc
ITIL foundation Certification and experience preferred
Must have experience and OS knowledge on Windows, Linux and networking technologies
Familiarity with Python or related programming languages.
Understanding of common security threats, attack vectors, vulnerabilities and exploits
Expert level understanding of networking Security concepts.
Good Knowledge on AWS, Azure and other cloud Technologies.
Highly self-motivated and directed
Strong organizational, oral communication and project management skills.
Excellent attention to detail; Ability to effectively prioritize and execute tasks in a high-pressure environment
Experience in working in an onsite-offshore model.
Knowledgeable in security concepts, techniques, tools, methods and practices
Proven relationship management expertise with both business and technical personnel
Ability to work well independently and in a team environment
Ability to handle multiple tasks, prioritize and meet deadlines
Must have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones.
Date Posted: 23/10/2024
Job ID: 97590841
