Security Engineer - Vulnerability Management focus
We pride ourselves on being a great place to work where our employees are our most important asset and great ideas count more than titles.
Proficio provides always-on cybersecurity protection services and is a global Managed Security Services Provider (MSSP) and leader in Managed Detection and Response (MDR). Our 24/7 security operations center (SOC) helps clients detect critical threats and rapidly respond to prevent the risk of a security breach.
We are changing the way organizations meet their IT security and compliance goals by providing the most advanced managed security services — without the cost and complexity of acquiring sophisticated software or operating your own SOC.
Be part of this exciting time as cybersecurity is emerging as one of the top employed industries and Proficio is in rapid growth!
We are seeking a talented Security Engineer II with a specialty in Vulnerability Management with experience in vulnerability scanning and management.
- Review client’s current scanning and remediation process including asset auditing, security controls and configuration management, as well as patch management strategy. Make recommendations for improvement to enhance client’s security posture
- Responsible for understanding, reviewing, and interpreting assessment and scanning results, reducing false positive findings, and acting as a trusted security advisor to clients
- Assists with creation of vulnerability remediation plans for client including prioritization and risk assignment using industry standard tools and best practices
- Identify threat data and vulnerabilities found on client’s networks using Qualys
- Learn and adapt to client’s culture, security strategies, security goals, security objectives, and security capabilities
- Use Qualys and other industry standard tools to perform automated and manual scanning to discover, identify, validate, and assess security vulnerabilities of large, complex information systems, application and other critical resource.
- Test system technical security configuration settings, review various scan results for compliance with industry standards, and assist with developing and reviewing compliance reports that clearly identify security findings and proposed remediation strategies
- Prepare weekly and monthly reports with summary and analysis of findings
- Bachelor’s degree in Information Systems, Business, Engineering, or a related field from an accredited institution OR equivalent experience
- Excellent written and oral communication skills as this is a customer facing position
- Minimum 3 years working in vulnerability management program, performing tasks, such as scanning, assessment, remediation and reporting is required
- Ability to install, configure, troubleshoot, and administer QualysGuard, QualysWAS
- Familiarity with information security policies, standards, industry best practices, and frameworks (NIST 800-53, ISO 9001).
- Ability to prioritize tasks and projects to meet deadlines
- Experience with Kenna Vulnerability Management software is a plus
- Experience with industry standard tools such as Tenable, Nessus and/or Nexpose is a bonus
- Industry standard security certification such as Security+, Network+, SANS/GIAC, CISSP, CISA, CISM are also a plus
- Ability to manage conflicting priorities and customer expectations in a fast paced operational environment
- Proficiency in Microsoft Suite (Word, Excel, PowerPoint, Access, and Visio)
- Medical, Dental and Vision health plans and other benefits from day 1
- Weekly ProLunch, Game Room and fun employee activities!
- 401K plan
- Gym reimbursement
- Employee Assistance Program
- Life and Voluntary Life Insurance programs