Expert Cyber Risk Management Engineer
Posted on Aug 24, 2022 by Request Technology
*We are unable to sponsor as this is a permanent full time role*
*All Employees must be Covid-19 Vaccinated.*
A prestigious company is on the search for an Expert Cyber Risk Management Engineer. This is a fully remote position. This engineer will focus on designing, implementing, and maintaining enterprise vulnerability management solutions. This engineer will perform vulnerability management assessments, identification validation for CICD pipeline, and work with cloud (Azure) infrastructure platforms. This person will need experience with SAST, DAST, IAST, RASP and programming knowledge such as Java, Python, JSP, PHP, Node,js, etc.
- Performs vulnerability management capability assessments, process development and refinement activities, technology capability assessments, and solution design and implementation projects that ensure the security of the enterprise environment.
- Leads strategic planning activities informed by capability assessments which holistically address current and future maturity states of vulnerability management capabilities. Builds strong narratives to drive decision-making and educates leadership stakeholders on proposed plans.
- Serves as a security expert in vulnerability management solutioning, including vulnerability identification, assessment, and validation for CI/CD pipelines, cloud environments, and infrastructure.
- Engages with enterprise architects, security specialists, technology engineers, and other functional area specialists to ensure that enterprise technologies and security solutions are correctly configured and deployed to sufficiently mitigate identified risks and meet requirements for the enterprise, customers, partners, and vendors.
- Exercises thought leadership in the creation and maintenance of vulnerability management capabilities, processes, procedures, technologies, and technical capability requirements.
- Creates and maintains a view of IT assets, related attack surfaces, and emerging vulnerabilities to illustrate the flow of data and associated security threats.
- Manages the entire life cycle of vulnerabilities from discovery, triage, advising, remediation, and validation.
- Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
- Serves as an expert in platform, application, storage, network, virtualization, cloud, and mobile security best practices.
- Develops leadership-level communications, including board of director and executive metrics, business cases, standards, policies, procedures, architecture design documents, etc.
- 8+ years of combined hands-on cybersecurity and vulnerability management development and implementation work. Experience with a broad exposure to cloud, infrastructure, network, and multi-platform environments.
- 2+ years of experience in cybersecurity solution engineering or security service delivery.
- 2+ years of leadership experience with planning and managing cybersecurity implementations and/or leading a team of technical resources. This role will require the management of several (2 to 4) concurrent large-scale vulnerability management capability development projects
- A strong, complete, and working understanding of Microsoft Azure cloud and foundational cloud concepts.
- A robust understanding of contemporary security theory and application (including the vulnerability life cycle and scanning methodologies (SAST, DAST, IAST, RASP) exploitation techniques and attack vectors).
- A strong, complete, and working understanding of key programming languages and frameworks (eg, Java, Python, JSP, PHP, Node.js, etc.)