Job Purpose:
Identifying and reporting vulnerable systems on customers networks to support the patching and vulnerability operations, coordinating remediation.
Essential Functions:
Scan, identify, and coordinate the remediation of vulnerabilities within the customer environment
Monitor and maintain scanning infrastructure used to perform vulnerability scans
Work with system architects to ensure customer systems access is functioning so that scans of the customer environment can be performed
Perform cyclical (usually monthly) vulnerability scans of customer environments
Develop standard reports, work with patching operations to mesh data from the output of patching workloads to produce risk scoring, vulnerability priorities and patching priorities
Produce both pre patching and post patching scan reports
Formulate executive summary reporting
Track metrics to assist the customer in managing risk posture
Coordinate with customer contacts to formulate a plan of attack based on agreed priorities
Establish procedures and playbooks to obtain and disseminate vulnerability information to stakeholders
Establish procedures and playbooks to configure, deploy, maintain, and retire vulnerability scanning and endpoint security tooling
Potentially act as a Program manager with the customer over the patching and vulnerability management scope
Cultivate and maintain relationships with customer stakeholders
Participate in expansion of new opportunities with new or existing customers
Internal and externally focused to ensure timely remediations
Education:
Four years of college resulting in a bachelor's degree or equivalent
Certifications, Accreditations, Licenses:
Industry specific certification from SANS/GIAC, ISC2, etc or similar a plus. Certifications included advanced GIAC/SANS certifications -- GCIH, GCIA, GCFE, GCFA, GREM, GIAC, GSEC, GWAPT -- CISSP, CCSP, SSCP, Security+.
Experience:
7-10 Years
Special Knowledge, Skills, and Abilities:
5 - 7 years Information Technology/Information Security experience
Strong background in information security, vulnerability management and endpoint security
Strong analytical skills
Exceptional Excel skills
Power BI Skills is a plus
Knowledge of a scripting language (Python, Perl, etc.)
Experience with the functions and administration of Endpoint Security, Vulnerability Management, and endpoint privilege management software
Experience with industry standards such as NIST, PCI, CIS, MITRE ATT&CK etc.
Experience working in a team-oriented, collaborative environment
Experience managing customer relationships
Supervisory Responsibility:
This position does not have employee direct reports but does serve as a "lead" role for others doing similar work.
Work Environment:
Remote