Information Security Engineer

Job Description

• Sound knowledge and understating of working with Qualys or Tenable vulnerability management tool to run scans and reports
• Performs discovery scanning via the Vulnerability Management Platform (scheduled and ad-hoc)
• Provides gap analysis to compare the list of known assets/resources so gaps can be investigated, and owners identified
• Identifies resource types (e.g. router, desktop computer, server, network switch, firewall, etc.), operating systems
• Provides initial research to determine the type of node and identify any applications (viz web services/FTP/TLS versions /SMTP/name Services etc.) running on the target system to assist and remediate in working with asset owners
• Tracks via ticketing tool system Service now
• Populates data visualization tool (Tableau) for reporting vulnerability metrics by system and owner
• Assess environmental vulnerability Drive remediation via tickets and project documentation Generate asset inventory reports, identifying discrepancies Manage penetration testing project timelines and reporting Develop solutions to help mitigate security risks
• Able to judge severity and impact of common security vulnerabilities Analytical, troubleshooting, and problem-solving abilities Ability to present to audiences of various backgrounds
• Researches vulnerabilities to determine attack vectors and possible vulnerable targets, and launches specific scans and reports for that vulnerability in Rapid 7
• Coordinates with business, IT teams, and IS Risk to remediate compliance findings in a timely manner while addressing risk reduction objectives
• Demonstrates continuous improvement mindset
• Maintains an effective approach to problem solving, multi-tasking, coordinating, and scheduling in accordance with stated goals to ensure visibility and predictability
• Exposure on Security Operations, Incident Response, Threat Hunting and Assurance methodologies
• Experience in using standard Security Assessment and Penetration Testing tools.
• Experience with security configuration checklists (e.g. CIS Benchmarks)
• Familiarity with NIST Publications NIST 800-53, NIST 800-53A and ISO 27001
• Ability to code and script Python, SQL, BASH, or PowerShell is preferred
• Ability to use technical assessment tools such as Rapid 7
• Knowledge of networking and security technologies such as firewalls, IDS/IPS, load balancers, Windows /Unix/Linux operating systems and common database platforms
• QualificationsThe candidate must have:
• Bachelor s degree in Science & Engineering or technical discipline is required. Minimum of 7 years of experience is required.
• (4) years of experience in vulnerability management process and using of relevant tools.
• Exposure on security operations & technical analysis, assessment and addressing threat vulnerabilities releases, operational network & Identity management system and applications systems security.
• Ability to manage conflicting priorities and customer expectations in a fast-paced operational environment
• Ability to analyze complex problems and implement solutions and/or workarounds
• Ability to work on multiple projects simultaneously with a keen desire to learn and expand depth of knowledge
• Ability to thrive in a sense-of-urgency environment and leverage best practices
• Demonstrated initiative, flexibility, and ability to adapt to changing priorities and work environments
• Proficiency in Microsoft Suite (Word, Excel, PowerPoint, Access, and Visio)
• The individual must be an independent, con dent, persistent and results-oriented individual - who contributes ideas and opinions to ensure sound solutions are implemented.
• Able to work as part of a virtual global team with cultural, language, and time zone differences. Able to deal with ambiguity and work independently with minimal supervision/guidance.
• Solid oral and written communications, problem solving, commitment to task, ability to lead
• Preferred Certifications:
• GIAC Certified Incident Handler (GCIH)
• GIAC Mobile Device Security Analyst (GMOB)
• GIAC Penetration Tester (GPEN)
• CEH Certified Ethical Hacker (CEH)
• Certified Cloud Security Professional (CCSP)

Functional Knowledge

• Demonstrates expanded conceptual knowledge in own discipline and broadens capabilities

Business expertise

• Understands key business drivers; uses this understanding to accomplish own work

Leadership

• No supervisory responsibilities but provides informal guidance to new team members

Problem Solving

• Solves problems in straightforward situations; analyzes possible solutions using technical experience and judgment and precedents

Impact

• Impacts quality of own work and the work of others on the team; works within guidelines and policies

interpersonal Skills

• Explains complex information to others in straightforward situationsAbility to work effectively as an individucal contributor or as part of a cross functional team to meet common objectives

QualificationsEducation:Bachelors Degree SkillsCertifications:Languages:Years of Experience:4 - 7 Years Work Experience:Additional InformationTravel:Not Specified Relocation Eligible:YesApplied Materials is committed to diversity in its workforce including Equal Employment Opportunity for Minorities, Females, Protected Veterans and Individuals with Disabilities.,

Keyskills :
application securitynetworkingactive directorychange managementcompliancecertified ethical hackerequal employment opportunitymultiple projects simultaneously