Information Security Technical Lead Vulnerabilities
Posted on May 3, 2021 by Request Technology
*We are unable to sponsor as this is a permanent full time role*
A prestigious fortune 500 company is on the search for an Information Security Technical Lead Vulnerabilities. This client is looking for someone with 8 to 10 years of hands on experience performing vulnerability and compliance scanning. They need an someone who is an expert in Linux, Windows, Cloud (AWS, Azure, GCP), and Scripting. This lead will be deploying, maintaining, and scanning the infrastructure and will need Scripting experience with Python, Bash, or Powershell.
- Scanning of infrastructure and network devices, operating systems, databases, and wireless to detect vulnerabilities and misconfigurations
- Create custom scans and scan policies, tune settings for optimal performance and troubleshoot scan issues
- Provide enhanced vulnerability analysis and contextual feedback to stakeholders for discovered vulnerabilities or misconfigurations.
- Investigate false positive findings
- Report metrics for scan coverage and discovered misconfigurations or misconfigurations
- Deploy, maintain, and tune scanners to meet current and future needs
- Troubleshoot issues with the scans, credentials, agents, policies
- Update scan zones to include new network ranges
- Develop custom audit scripts for automated monitoring of approved Baseline Security Configurations (BSC) for Servers, workstations, network devices, databases, etc.
- Work with platform SMEs to ensure accuracy and completeness for the BSC scans
- Design monitoring solutions for new and existing technologies to determine compliancy with published standards.
- Tune scan policies for accuracy and speed
- Generate innovative ideas and challenge the status quo
- Develop scripts, automations, tools, or methodologies to enhance the team's processes and capabilities, and reduce toil
- Create/update runbooks and SOP documentation
- Participate in and actively support mentoring with other members of the team, and mentoring less experienced staff
- 8-10 years hands-on experience, working with security tools and performing vulnerability, and compliance scanning
- Bachelor of Science in Engineering, Computer Science, Information Technology, or equivalent work experience
- Must have expert knowledge of Linux and Windows operating systems, and cloud technologies
- Must have advanced knowledge in networking and databases
- Must have solid understanding of deploying and maintaining scanning infrastructure
- Must be proficient with Scripting languages - Python, Bash, PowerShell
- Experience leading projects and initiatives
- Preferred certifications: CISSP, AWS/GCP/Azure
SKILLS AND CERTIFICATIONS
- Vulnerability and compliance scanning