Staff Security Engineer - Vulnerability Management (Only Gc/Us Citizen's)

Core Responsibilities

 Support the Enterprise Qualys Vulnerability footprint and participate in Qualys integration
across all Enterprise lines of business.

 Continually looking for opportunities to optimize and automate work and the work conducted
by team.

 Maintain, where appropriate, vendor relationships in support of Vulnerability Management
practices∙ Communicate with clients to understand their security needs and develop
engagement plans to satisfy all requirements.

 Support migration efforts for ticketing capabilities as part of integration to streamline and
optimize support requests.

 Work with the team to support respective Qualys subscriptions for the lines of business and
educate the POCs to support both on-prem and Cloud vulnerability initiatives.

 Collaborate with peer Security teams in advancement of Vulnerability Management practices for
the Enterprise.

 Support Asset Management program maturity through Qualys expertise and Cloud activities∙
Collaborate with other employees in order to build the company's overall capabilities, specific to
the Qualys and Cloud areas.

 Identify and deliver automated solutions to improve efficacies in the vulnerability Management
Scanning program.

 Support Audits and Assessments and other key requests of Vulnerability Management

Required Qualifications

 7+ years of related experience required

 A deep understanding of the cybersecurity vendor landscape and how tools and technologies
can be leveraged to achieve desired outcomes.

 Expertise in Web Application Scanning / DAST Scanning

 Expertise in interpreted languages (Python, Ansible) and high-level languages (Java script, .Net,
PowerShell) with full-stack development experience

 Expertise with vulnerability management

 Expertise with working with SQL

 Software development background and strong knowledge of software development lifecycles

 Automation experience

 Previous experience deploying and maintaining configuration as code systems, services,
containers and applications in AWS, Azure and/or GCP

Preferred Qualifications

 3+ years of cloud experience (Oracle, GCP, Azure or AWS)

 Experience with infrastructure, network and workstation vulnerability management scanning

 Experience with Qualys VMDR, Qualys Web Application Scanning, EASM and the Qualys Cloud
Agent

 In-depth familiarity with Windows and Unix Operating Systems

 Customer-focused mindset with a strong desire to provide excellent customer experiences.

 Requires minimal direction, works well independently and is a resource of wealth of information
for others and provides technical guidance for other team members

 Ability to translate strategic business objectives into operational initiatives and tactical actions
Understanding of current information security challenges and solutions

 Comfort with collaborating and refining processes as part of a team.