Sr. Threat & Vulnerability Engineer - FULLY REMOTE

Company: Optomi
Location: Denver
Posted on: June 25, 2022

Job Description:

Sr. Threat & Vulnerability Engineer - FULLY REMOTE
Optomi is seeking a Sr. Threat & Vulnerability Engineer to provide expert research, support, and guidance to other architects, developers, technical staff, and business owners to ensure that the organization adequately safeguards its data and information systems based upon a detailed technical understanding across multiple security Domains. In addition, you will create and implement, in collaboration within IT and with business areas, a foundation and framework of Information Security infrastructures, processes, methods, and standards. You will work as subject matter expert to all information technology teams on vulnerability management, threat management, application security and contributes to any project requiring complex cyber security support.
Apply today if your background includes: - 7+ years experience in Information Security with and strong technical knowledge of cybersecurity technologies - 5+ years of experience in vulnerability management, threat assessment, or penetration testing. - Experience in managing ServiceNow Security Operations software - ServiceNow's Security Incident Response and Vulnerability Response modules - Experience with vulnerability management tools, threat identification tools, SIEM, and other security tooling - Experience using MITRE ATT&CK framework - Knowledge of vulnerability management and scanning best practices such as CVE database and the CVSS System used for scoring vulnerabilities. - Knowledge of network and application security principles such as OWASP Testing Guidelines, OWASP Application Security knowledge framework and ATT&CK framework. - Knowledge of tactics, techniques, and procedures used by internal and external threat actors for red team operations. - Knowledge of application, network and operating system security including a good understanding of Linux and Windows patching and network protocols. - Experience using vulnerability scanning tools, application scanning tools (SAST/DAST), and GRC ticketing and automation tools. - Experience using ServiceNow Security Operations and/or Vulnerability Response Applications - Technical certification such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Risk and Information Systems Control (CRISC), or GIAC Enterprise Vulnerability Assessor (GEVA). - Highly proficient in information security controls and frameworks such as NIST-CSF, HIPAA, SP-800-30, NIST 800-53, NIST 800-171, NERC CIP, PCI, ISO 27001/27002, ISO 27005, Center for Internet Security (CIS) 20 Critical Security Controls. - Experience with public cloud service providers (AWS & Azure), specifically the types of industry-standard controls and best practices for configuring and managing these services. -
Key responsibilities: - Conducts security vulnerability assessments using multiple vulnerability and penetration tools to evaluate attack vectors, identify vulnerabilities, and collaborate with team leads to develop remediation plans. - Operates and maintains adversary emulation tools to continuously test the enterprise against threats - Expertise utilizing various Vulnerability Management tools to scan the enterprise for threats due to missed patches, configurations or recently identified vulnerabilities to ensure all systems are secured and patched - Builds and maintains dashboards that present actionable vulnerability data to IT teams and IT leadership in an intuitive manner. - Builds and delivers reports for IT staff and leadership for the tracking of vulnerability remediation SLAs and the current threat landscape. - Configures and manages ServiceNow's Security Operations modules (SIR, VR, VRM, etc.) - Support and coordinate within the Cybersecurity Operations team when called upon: Supporting the Cybersecurity Operations team during high priority and high-risk situations such as zero-day events and other fast-moving incidents. - Provide the security team with expertise for maturing vulnerability management and threat intelligence capabilities. - Assess risk exception requests for the data and information systems allowing formal review and approval for a temporary exemption from established security policy and procedures. - Initiating escalation actions when exception requests pose a high degree of risk to the organization or are failing to address the underlying risks that led to the request - Collaborate with technical staff and business owners as a subject matter expert ensuring that exception request lifecycle and workflow is correctly adhered to. - Initiate escalation actions when exception requests pose a high degree of risk to the organization or are failing to address the underlying risks that led to the request. - Performs risk assessments based on vulnerability data to determine business risk. - Maintains technology infrastructure used to deliver vulnerability scanning, and web application assessment capabilities. - Assists with the build-out and maintenance of infrastructure utilized for Red Team engagements. - Performs network and web application penetration testing and assists with remediation of identified vulnerabilities. - Performs validation testing of security vulnerabilities that have been remediated and evidence the results for closure. - Utilizes dynamic and static code analysis tools to assist application teams in applying application security best practices. - Performs threat modeling to help improve enterprise security posture. - Effectively communicates findings and strategies to client stakeholders including technical staff, executive leadership, and legal counsel. - Maintains ongoing proficiency in network and application exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities and network security. - Assists in applying security controls (PCI-DSS, SOX, HIPAA, ISO, CSC) as well as web application security topics such as OWASP top 10, CWE top 25, and authentication infrastructure (SAML, OAuth). - Works closely with business and Information Technology Units to identify and understand applicable security requirements that relate to business and regulatory drivers. - Develop and support KPI's and KRI's metrics and reporting of the Information Security Program through the collection and analysis of effectiveness measures across the organization.

Keywords: Optomi, Denver , Sr. Threat & Vulnerability Engineer - FULLY REMOTE, Engineering , Denver, Colorado