Pubblicato in: Altro in Stati Uniti | Inviato: |
Information Security Senior Engineer/Developer
Salary: $120k-$140k +7% bonus
Location: 100% remote
*We are unable to sponsor for this permanent Full time role*
*You will be required to provide proof of full vaccination upon hire or obtain approval of a valid medical or sincerely held religious exemption from receiving a COVID-19 vaccine prior to your start date*
Prestigious Fortune 500 company is seeking an Information Security Senior Engineer/Developer with a strong background in vulnerabilities. As part of the Vulnerability Hunting team your responsibilities include continuous monitoring for vulnerabilities and misconfigurations across multiple environments, and technologies.
- Proficient with Scripting languages (Python, Bash, PowerShell)
- Minimum of 5-7 years hands-on experience, working with security tools and performing vulnerability, and compliance scanning
- Must be proficient with Scripting languages - Python, Bash, PowerShell
- Must have expert knowledge of Linux and Windows operating systems, and cloud technologies
- Must have advanced knowledge in networking and databases
- Must have solid understanding of deploying and maintaining scanning infrastructure
- Experience leading projects and initiatives
- Required certifications: CISSP, AWS/GCP/Azure
- Provide subject matter expertise in Vulnerability and Compliance Scanning for on-prem and cloud Infrastructure, as well as enhanced vulnerability analysis and contextual feedback to support the resolution of discovered vulnerabilities and facilitate risk awareness. In this role, the candidate will deploy and administer various scanning solutions or automations to ensuring completeness and maintain scan coverage.
- Vulnerability Discovery
- Scanning of infrastructure and network devices, operating systems, databases, and wireless to detect vulnerabilities and misconfigurations
- Create custom scans and scan policies, tune settings for optimal performance and troubleshoot scan issues
- Provide enhanced vulnerability analysis and contextual feedback to stakeholders for discovered vulnerabilities or misconfigurations.
- Investigate false positive findings
- Report metrics for scan coverage and discovered misconfigurations or misconfigurations
- Deploy, maintain, and tune scanners to meet current and future needs
- Troubleshoot issues with the scans, credentials, agents, policies
- Update scan zones to include new network ranges
- Baseline Security Configurations
- Develop custom audit scripts for automated monitoring of approved Baseline Security Configurations (BSC) for Servers, workstations, network devices, databases, etc.
- Work with platform SMEs to ensure accuracy and completeness for the BSC scans
- Design monitoring solutions for new and existing technologies to determine compliancy with published standards.
- Tune scan policies for accuracy and speed
- Help Develop Team Capabilities
- Generate innovative ideas and challenge the status quo
- Develop scripts, automations, tools, or methodologies to enhance the team's processes and capabilities, and reduce toil
- Create/update runbooks and SOP documentation
- Participate in and actively support mentoring with other members of the team, and mentoring less experienced staff
- 300.000 - 500.000 USD/annuale