Define VM policies, improve posture, guide remediation, lead risk reduction initiatives, and serve as the subject matter expert for complex security vulnerability challenges.
Develops reports, dashboards, and alerts to automate tasks (Python, PowerShell) and track metrics.
Monitor threat landscape, analyze new vulnerabilities (NVD, MITRE), and provide proactive guidance.
Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
Provides complex engineering analysis and support for firewalls, routers, networks and operating systems.
Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment.
Reacts to and initiates corrective action regarding security violations, attempts to gain unauthorized access, virus infections that may affect the network, or other events affecting security.
Oversees user access process to ensure operational integrity of the system.
Requirements
Experience working with vulnerability management/infosec (or equivalent experience)
Expert knowledge of scanners (Tenable, Qualys, Rapid7)
Proficiency with authenticated scanning, agent vs network scanning, discovery, segmentation constraints
Proficiency with CSPM
Knowledge of OS (Win/Linux/macOS), cloud security, databases, and networking
Proficiency with CVE, CVSS, MITRE ATT&CK, FISMA, CISA directives
Strong risk analysis, root cause identification, and data analysis
Excellent communication, leadership, and ability to explain complex risks to diverse audiences.