Security Engineer - Vulnerability Management

Children's Mercy Hospital Kansas City , MO 64126

Posted 2 months ago

Purpose: The Security Engineer

  • Vulnerability Management will be responsible for identifying information security vulnerabilities that could potentially be exploited and creating a remediation strategy with the appropriate internal unit or business partner that resolves the potential risks involved; balances business priorities, information security risks, emerging threats, and best security practices to ensure the confidentiality, integrity, and availability of information assets; recognize vulnerabilities, understand the associated risk, and develop achievable and effective remediation/mitigation strategies; measures potential risks against existing information security controls. Job responsibilities: Configuring vulnerability assessment tools, as well as performing internal, external, web application scans, researching and analyzing vulnerabilities, risk ranking and identifying business impact, identifying relevant threats, corrective action recommendations, summarizing and reporting results. Assessing organization#s perimeter, infrastructure, and applications# compliance with policies, standards, hardening baselines to identify gaps, prepare remediation plans, and work with system owners to reduce risk Leading scalable and effective remediation at all layers of the organization, infrastructure, and application stack by applying appropriate risk-based prioritization, simplifying requests and collaborating with business partners. Recommending appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions. Designing and delivering actionable Information Security dashboards and scorecards. Leading remediation of vulnerability assessments, penetration tests, and other internal/external vulnerabilities. Identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; develops alternative solutions; works well in group problem solving situations; uses reason even when dealing with emotional topics. Balances team and individual responsibilities; exhibits objectivity and openness to others# views; gives and welcomes feedback; contributes to building a positive team spirit; puts success of team above own interests; able to build morale and group commitments to goals and objectives; supports everyone#s efforts to succeed. Pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others and documents key procedures.

    Requirements:
    Experience with vulnerability scanners, vulnerability management systems, patch management, and host-based security systems. Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security). Bachelor#s degree and 3-5 years of relevant experience CISSP, Security+, Certified Vulnerability Assessor, Certified Ethical Hacker preferred # #

Purpose:

The Security Engineer

  • Vulnerability Management will be responsible for identifying information security vulnerabilities that could potentially be exploited and creating a remediation strategy with the appropriate internal unit or business partner that resolves the potential risks involved; balances business priorities, information security risks, emerging threats, and best security practices to ensure the confidentiality, integrity, and availability of information assets; recognize vulnerabilities, understand the associated risk, and develop achievable and effective remediation/mitigation strategies; measures potential risks against existing information security controls.

Job responsibilities:

  • Configuring vulnerability assessment tools, as well as performing internal, external, web application scans, researching and analyzing vulnerabilities, risk ranking and identifying business impact, identifying relevant threats, corrective action recommendations, summarizing and reporting results.

  • Assessing organization's perimeter, infrastructure, and applications' compliance with policies, standards, hardening baselines to identify gaps, prepare remediation plans, and work with system owners to reduce risk

  • Leading scalable and effective remediation at all layers of the organization, infrastructure, and application stack by applying appropriate risk-based prioritization, simplifying requests and collaborating with business partners.

  • Recommending appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions.

  • Designing and delivering actionable Information Security dashboards and scorecards.

  • Leading remediation of vulnerability assessments, penetration tests, and other internal/external vulnerabilities.

  • Identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; develops alternative solutions; works well in group problem solving situations; uses reason even when dealing with emotional topics.

  • Balances team and individual responsibilities; exhibits objectivity and openness to others' views; gives and welcomes feedback; contributes to building a positive team spirit; puts success of team above own interests; able to build morale and group commitments to goals and objectives; supports everyone's efforts to succeed.

  • Pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others and documents key procedures.

Requirements:

  • Experience with vulnerability scanners, vulnerability management systems, patch management, and host-based security systems.

  • Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).

  • Bachelor's degree and 3-5 years of relevant experience

  • CISSP, Security+, Certified Vulnerability Assessor, Certified Ethical Hacker preferred

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Network Security Vulnerability Engineer

Criterion Systems

Posted 3 weeks ago

VIEW JOBS 5/12/2020 12:00:00 AM 2020-08-10T00:00 Overview At Criterion Systems, we developed a different kind of business-a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com. Our expert-level staff analyze, create, implement, and support cutting edge technologies in support of the Digital Infrastructure Services Center (DISC) contract for the United States Department of Agriculture. DISC provides critical IT infrastructure, data center services, and cloud hosting for vital federal government functions. Responsibilities * Assist in developing and implementing security standards and procedures. * Recommends industry best practices for performing vulnerability scans and vulnerability identification. * Assist in supporting compliance scanning for databases and vulnerability scanning for web applications. * Performs vulnerability/risk analyses of computer systems and applications. * Interact with vendors for guidance and best practice processes when scanning for vulnerabilities. * Provides basic engineering and technical support in solving networking and scanning problems. * Assist customers with best practice recommendations for web application vulnerability remediation. * Ensures that all information systems are functional and secure. * Performs analysis, design, and development of security features for vulnerability scanning systems. * Engineers and implements solutions that meet security requirements. Qualifications * US Citizenship * The ability to obtain a Public Trust Clearance * Associates Degree or Degree in relevant field or equivalent work experience in lieu of degree * Minimum of 3 years' experience * Basic networking knowledge and network troubleshooting experience required * Understanding of enterprise security practices and industry standards required * Experience with Nessus scanning software or alternative Criterion Systems, Inc. is committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual's protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identify/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/. Criterion Systems Kansas City MO

Security Engineer - Vulnerability Management

Children's Mercy Hospital