Search for More Jobs
Forward job to a friend
Apply by creating/using an account
Please enter your registered email address, and we'll email you a link to reset your password right away.
Title :- Vulnerability Management Leader/Architect
Location :- Herndon, VA or Remote (100% Remote)
This position is in the existing vulnerability management squad. The ideal candidate will possess a strong technical and security background with an emphasis on supporting enterprise security applications and services; mainly identifying, managing and reducing vulnerabilities. He / She will work within a fast paced, Agile environment collaborating with cybersecurity architects and technology teams across IBM CISO and business units to implement and support next generation security solutions.
Essential Job Duties:
Expert-level knowledge of leading vulnerability scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.)
Utilizing a strong understanding of TCP / IPv4 addressing, ports, protocols, services, DNS, DHCP, NAT, PAT, subnetting and CIDR.
Utilizing knowledge of various network devices including routers, switches, firewalls, IDS / IPS, load balancers, proxy servers and network taps.
Vulnerability Identification (including awareness of current vulnerabilities and patches)
Manipulating data within files (XML and CSV for example) and between files utilizing knowledge of scripting using Python, Perl and other.
Risk bases analysis and prioritization by leveraging AI/Client where applicable.
Driving resolution, patching including developing best practices
In-depth experience supporting enterprise vulnerability management across IaaS, PaaS, and/or SaaS.
Excellent overall understanding of cybersecurity vulnerabilities and threats to include identification and patching.
Engineer, test, and deploy custom solutions for reducing vulnerabilities through automation across endpoint estate.
Expert knowledge of system, application, and database hardening techniques and practices.
Experience conducting all-source analysis, managing and tracking analytic production
Recommend and support remediation/resolution activities associated with any discovered vulnerability in accordance with IBM Standards.
Conduct vulnerability scans and assessments at the network, operating system, database, and application levels. Be able to create custom profiles in the vulnerability scanning tools and run scans on-demand basis or be able to schedule them.
Perform vulnerability scanning and analysis to eliminate false positives and to aggregate findings by specific best practice criteria.
Strong understanding of vulnerability management and security testing practices and methodologies including remote scans, credential scans, Agent based scans.
Manage and track hands-on resolution efforts with operational support team.
Developing unique solutions to challenging technical problems.
Oversees, evaluates and matures the intelligence of data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within the IBM environments (on-premise and cloud) for the purposes of mitigating threats. Ensure vulnerabilities are identified as early as possible and mitigated.
Perform other duties as necessary or as required.
5+ years professional work experience with technical aspects of network, servers and web vulnerability management solutions
At least 5 years' experience in perform vulnerability assessments, analysis, and reporting
5+ years of (hands-on) experience in using vulnerability scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.)
Experience in both Windows and Linux environments
Ability to develop and maintain positive relationships with other technology teams/stakeholders
Good understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation
Deep understanding of network and web vulnerability scanning application outputs
Expertise in network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts
Bachelor's degree in Computer Science, Engineering, or equivalent experience
Knowledge of Scripting and/or programming skills (e.g., Python, PowerShell, Java, JS, etc.)
Good To Have
Experience in Container vulnerability scanning and familiarity with tools such as Twistlock and AquaSec
Industry recognized certification from ISC2, ISACA, CSA, or SANS
Apply by creating/using an account