Previous Job
Previous
Vulnerability Management Engineer
Ref No.: 17-23096
Location: Charlotte, North Carolina

Mandatory skills:
• 3-5 years of full-time information security, systems analysis, computer operations or related IT experience; including three years of full-time experience in an information security role (e.g., Information Security Analyst
• experience with vulnerability management tools (Qualys)
• strong understanding of current cyber-threats
• experience in regulated environment (SOX, PCI, HIPAA preferred)
• proficient understanding of the technical architecture of IT systems built using Windows, UNIX, Linux, IBM AIX, VMware, Citrix, Oracle and MySQL platforms
• strong documentation and communication (written and verbal) skills
• working knowledge of common network devices
• working knowledge of Windows and Unix operating systems
• working knowledge of common database platforms

Preferred skills:
• A personal style that is viewed as open-minded and collaborative.
• The ability to work successfully in a flat, collaborative, highly matrixed environment.
• Ability to effectively write and communicate complex issues in an easy to understand manner
• Ability to clearly articulate positions on a variety of issues
• Ability to be candid, open and consistent in communicating
• Ability to share information with awareness of its effect on others
• Ability to demonstrate a balance of speaking and listening so that neither is overly dominant
• Ability to tailor written communications to audience, avoiding technical jargon

Job Roles/Responsibilities:
• Responsible for configuring vulnerability assessment tools, as well as performing scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
• Analyze results, identify patch changes and configuration changes needed to be applied.
• Provides technical understanding of vulnerabilities and exploits using knowledge of network operations (Firewalls, VPNs, WAF, etc.), operating systems (Windows, Unix, Linux, etc), and web application infrastructure (Application Servers, Web Servers, APIs, etc).
• Using strong interpersonal skills articulate vulnerabilities to technical and non-technical audiences when needed.
• Address vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in build engineering processes.
• Assist in recommending and prioritizing remediation efforts within infrastructure and application teams.
• Creation of vulnerability reports to disseminate to groups based on operational hierarchies.
• Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with support teams.