Sr. Threat & Vulnerability Engineer - FULLY REMOTE
Company: Optomi
Location: Denver
Posted on: June 25, 2022
Job Description:
Optomi is seeking a Sr. Threat & Vulnerability Engineer to provide
expert research, support, and guidance to other architects,
developers, technical staff, and business owners to ensure that the
organization adequately safeguards its data and information systems
based upon a detailed technical understanding across multiple
security domains. In addition, you will create and implement, in
collaboration within IT and with business areas, a foundation and
framework of Information Security infrastructures, processes,
methods, and standards. You will work as a subject matter expert to
all information technology teams on vulnerability management,
threat management, and application security, and contribute to any
project requiring complex cyber security support.
Apply today if your background includes:
- 7+ years of experience in Information Security and strong technical knowledge of cybersecurity technologies
- 5+ years of experience in vulnerability management, threat assessment, or penetration testing
- Experience in managing ServiceNow Security Operations software - ServiceNow's Security Incident Response and Vulnerability Response modules
- Experience with vulnerability management tools, threat identification tools, SIEM, and other security tooling
- Experience using the MITRE ATT&CK framework
- Knowledge of vulnerability management and scanning best practices such as the CVE database and the CVSS system used for scoring vulnerabilities
- Knowledge of network and application security principles such as OWASP Testing Guidelines, OWASP Application Security knowledge framework and ATT&CK framework
- Knowledge of tactics, techniques, and procedures used by internal and external threat actors for red team operations
- Knowledge of application, network and operating system security, including a good understanding of Linux and Windows patching and network protocols
- Experience using vulnerability scanning tools, application scanning tools (SAST/DAST), and GRC ticketing and automation tools
- Experience using ServiceNow Security Operations and/or Vulnerability Response Applications
- Technical certification such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Risk and Information Systems Control (CRISC), or GIAC Enterprise Vulnerability Assessor (GEVA)
- Highly proficient in information security controls and frameworks such as NIST-CSF, HIPAA, SP-800-30, NIST 800-53, NIST 800-171, NERC CIP, PCI, ISO 27001/27002, ISO 27005, Center for Internet Security (CIS) 20 Critical Security Controls
- Experience with public cloud service providers (AWS & Azure), specifically the types of industry-standard controls and best practices for configuring and managing these services
Key responsibilities:
- Conducts security vulnerability assessments using multiple vulnerability and penetration tools to evaluate attack vectors, identify vulnerabilities, and collaborate with team leads to develop remediation plans.
- Operates and maintains adversary emulation tools to continuously test the enterprise against threats.
- Expertise utilizing various Vulnerability Management tools to scan the enterprise for threats due to missed patches, configurations or recently identified vulnerabilities to ensure all systems are secured and patched.
- Builds and maintains dashboards that present actionable vulnerability data to IT teams and IT leadership in an intuitive manner.
- Builds and delivers reports for IT staff and leadership for the tracking of vulnerability remediation SLAs and the current threat landscape.
- Configures and manages ServiceNow's Security Operations modules (SIR, VR, VRM, etc.).
- Supports and coordinates within the Cybersecurity Operations team when called upon, supporting the team during high-priority and high-risk situations such as zero-day events and other fast-moving incidents.
- Provides the security team with expertise for maturing vulnerability management and threat intelligence capabilities.
- Assesses risk exception requests for the data and information systems, allowing formal review and approval for a temporary exemption from established security policy and procedures.
- Collaborates with technical staff and business owners as a subject matter expert, ensuring that the exception request lifecycle and workflow are correctly adhered to.
- Initiates escalation actions when exception requests pose a high degree of risk to the organization or are failing to address the underlying risks that led to the request.
- Performs risk assessments based on vulnerability data to determine business risk.
- Maintains technology infrastructure used to deliver vulnerability scanning and web application assessment capabilities.
- Assists with the build-out and maintenance of infrastructure utilized for Red Team engagements.
- Performs network and web application penetration testing and assists with remediation of identified vulnerabilities.
- Performs validation testing of security vulnerabilities that have been remediated and evidences the results for closure.
- Utilizes dynamic and static code analysis tools to assist application teams in applying application security best practices.
- Performs threat modeling to help improve enterprise security posture.
- Effectively communicates findings and strategies to client stakeholders including technical staff, executive leadership, and legal counsel.
- Maintains ongoing proficiency in network and application exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities and network security.
- Assists in applying security controls (PCI-DSS, SOX, HIPAA, ISO, CSC) as well as web application security topics such as OWASP top 10, CWE top 25, and authentication infrastructure (SAML, OAuth).
- Works closely with business and Information Technology Units to identify and understand applicable security requirements that relate to business and regulatory drivers.
- Develops and supports KPI and KRI metrics and reporting of the Information Security Program through the collection and analysis of effectiveness measures across the organization.