Previous Job
Security & Risk Analyst - III
Ref No.: 18-00315
Location: Foster City, California
Start Date / End Date: 03/29/2018 to 09/10/2018
POSITION SUMMARY: The Vulnerability Security Engineer is a key member of the vulnerability management development team and works closely with Infrastructure and Application services teams to develop a process to ensure that all applications and systems will be patched and configured in accordance with policies, standards, and compliance requirements so that risk is managed appropriately. The candidate will assist with developing and implementing the desired end state of the Information Security and Privacy programs. 

• Evaluate, design, develop, implement and / or integrate security solutions which may include, but are not limited to Vulnerability Management, Server Configuration / Compliance Monitoring, Endpoint Configuration / Compliance Monitoring 
• Assist a team in designing and implementing an end to end vulnerability management process 
• Assist in deploying and configuring a test environment and procedures 
• Writing project documentation, position papers, etc. Must be able to work with project stakeholders to build appropriate business processes as part of the project lifecycle. 
• Assists in the testing of controls and the remediation of any deficiencies identified. 
• Assist in formalizing and updating security policies, procedures and technical standards and auditing/monitoring compliance with those standards. 
• Assist in developing vulnerability reports for tailored for specific operational teams and process functions. 

• Minimum 3 years of progressively responsible IT experience with at least 1 years of security/infrastructure protection experience. 
• Strong verbal and written communication skills with the ability to adapt information delivery based on the target audience 
• Ability to work in a fast paced, highly visible, changing environment. 
• Proven track record in enterprise vulnerability management 
• Must be familiar with the following vulnerability management technologies: 
o WSUS, SCCM, Red Hat Satellite, Nexpose 
• Proven ability at building working relationships with partners, peers, and senior Management 
• Excellent analytical and problem solving skills. 
• Ability to multitask and manage multiple topics and demands concurrently 
• Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management 
• Working Knowledge of Windows systems, Active Directory, and Linux Systems 
• Prior working experience in a Pharmaceutical company is a big plus 
• Highly organized, results-oriented and attentive to details 
• Self-motivated, proactive, independent and responsive – requires little supervisory attention 
• Excellent presentation, facilitation and diplomacy skills 
• High level of personal integrity consistent with Gilead's core values 
• Performs other duties as assigned. 

• 4+ years of relevant experience 
• Bachelor of Science degree in management information systems, computer science, engineering or other IT-related major is required 
• Information Security Certification (CISSP, GSEC, etc…) or other related security certification is highly desired 
• Microsoft, Linux, Unix, and Cisco certifications would be an asset
Onsite Offsite