Sr. Security Engineer #37493 - Datum Software, Inc
Atlanta, GA 30354
About the Job
Sr. Security Engineer
Position Type: Contract
Location: Atlanta, GA
Qualifications :
Responsibilities:
"All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.”
Position Type: Contract
Location: Atlanta, GA
Qualifications :
- 5+ years of experience in Qualys (VMDR), Policy Compliance and Vulnerability Management.
- 2+ years of experience in Kenna Security, Vulcan, or equivalent solution.
- Scripting experience with PowerShell, python, rest API.
- Experience developing reports in MS Power.
- Experience working with IoT/OT technology.
- Working knowledge of cloud environments such as AWS, GCP, and Azure.
- Bachelor's degree in information security, Information Technology or Computer Science.
- Knowledge of vulnerability management, policy compliance, and web application scanning solutions.
- Basic understanding of regulatory structures such as PCI, PII, and GDPR.
- Creative and adaptive work ethic, with a strong customer-oriented attitude.
- Ability to clearly communicate and present to various levels of the organization.
- Strong organizational and analytical skills with attention to detail.
- Independent and self-motivated and very thorough work ethic.
- Ability to identify gaps in process and develop solutions.
- Experience crafting tools to improve efficiency performing routine tasks.
- Experience with Excel functions and extracting data using multiple criteria.
- Understanding of Vulnerability Management holistically as a program.
Responsibilities:
- Building and growing a next-generation vulnerability management program.
- Providing remediation guidance and recommendations and coordinating with the Technology organization, IT and other teams as needed to provide oversight to the remediation and/or mitigation of enterprise vulnerabilities.
- Evaluate and deploy vulnerability reporting solution to aggregate and centralize all infrastructure, application, and container vulnerabilities.
- Extensive Windows, Mac, and Linux experience and common configuration deficiencies.
- Thorough understanding of desktop, server, application, database, and network security hardening principles and practices for threat prevention.
- Develop vulnerability reports and scorecards that define the current state of the corporate network security risk posture.
- Perform research and analysis of scheduled and on demand vulnerability assessments and post results.
- Research exploit techniques and mitigation strategies.
- Perform analysis of asset and vulnerability information to identify risks that were not discovered via automated scanning.
- Troubleshoot issues that may occur during automated network scanning, and or agent scans.
- Review public and private vulnerability notifications/disclosures, consume research findings, and prioritize remediation efforts.
- Integrate vulnerability management tools with other systems, such as CMDB, SIEM, Archer, PowerBI.
- Assist with implementing policy compliance tools to monitor compliance against CIS and other industry related benchmarks.
- Assist with implementation of IoT and OT security solution to Client and secure unmanaged assets.
- Develop rules to identify non-compliant resources in our cloud environments and create automations to remediate the non-compliant resources.
"All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.”
Source : Datum Software, Inc