AWS Threat/Vulnerability Management Engineer

Job Description

I have a full time opportunity for an AWS Threat/Vulnerability Management Engineer to join one of our top tier financial organizations in Midtown, NYC. This role will work with a team of Cybersecurity Engineers on the Cloud Threat Vulnerability Management team to enhance the security infrastructure and security processes against the latest threats for the organization.

The AWS Cloud Vulnerability Management Engineer is responsible for validating and managing vulnerabilities, as well as managing scanning and monitoring activities, prioritizing and tracking remediation, and driving continuous improvement of vulnerability management practices.

This role is 4 days onsite, 1 day remote in Midtown Manhattan.

*** This opportunity does come with a very generous salary and bonus ***

Responsibilities:

Execute security assessments to assess potential vulnerability and determine best mitigating controls

Select and oversee technology solutions for vulnerability scanning, asset inventory, configuration monitoring, threat intelligence, and dashboards/reporting.

Conduct regular vulnerability scans, reviews, risk ratings, and penetration tests for all assets and environments.

Partner with Cloud infrastructure engineering teams to establish AWS security baselines and best practices.

Provide security guidance to Cloud Infrastructure Engineering Team to handled misconfigurations, policies, containers, patching and vulnerability scannning.

Build partnerships with developers, IT teams and business leaders to effectively push remediation of critical application and infrastructure vulnerabilities.

Track and report on vulnerability and pen test tickets/findings from identification through remediation.

Communicate technical risk and vulnerability data to leadership using impactful visualizations and metrics.

Continually refine vulnerability management program components to improve efficiency, coverage, and integration with other processes.

Qualifications:

Extensive experience working with Cloud cybersecurity management teams

Solid experience with cloud architectures (AWS, Azure, GCP)

Hands-on expertise working with enterprise and cloud architectures

Understanding of Linux and Windows OS, system administration and engineering

Knowledge of IT security and system hardening best practices

Solid understanding of Public Cloud infrastructure concepts and terminologies

Experience analyzing vulnerability findings from IT and Security management tools

Understanding of industry security standards such as CVE, CPE, CVSS & NIST

Experience with vulnerability prioritization frameworks and remediation workflows

Risk management expertise with ability to translate technical risks for business leaders

A Certified Cloud Security Professional (CCSP), is a plus

AWS / Azure Solutions Architect, which is highly preferred

Experience building Cloud Resources and hardening them to CIS standards

Bachelors degree in Computer Science or Engineering

Lori Sklarski

Senior Technical Recruiter, PRI Technology

Direct:

Office: x27

Cell:

Full-time

Hybrid remote