Security Operations Specialist - Vulnerability Management

Essential Job Duties:

• Provides technical leadership, advice, guidance and perform IT Cybersecurity related activities. 
• Works under limited supervision and in conjunction with team members with the objective to ensure a secure and compliant environment.  Manage day to day Vulnerability Management, Application Security and assisting in threat intelligence activities.
• Manage day to day security tools such as Vulnerability Management, Data Loss Prevention, File Integrity Monitoring, Encryption, Key Management, Intrusion Detection, etc.
• Work with various technology teams to ensure tool sets used to detect infrastructure security issues are deployed on all necessary platforms. 
• Research new security trend and provide recommendation to support increased security protection for our environment. 
• Defines objective and implements complex solutions related to IT Cybersecurity. 
• Accountable for project results, timing and productiveness in delivery activities. 
• Provide technical expertise in Information Technology and on Security products with hands-on experience. 
• Assist with data protection initiatives and other programs as necessary 
• Participates in the internal and external audit program to demonstrate security procedures and tools to assure ongoing compliance. 
• Contributes to corrective and preventive action process. 
• Recognizes problems related to project objectives and applies sound judgement when addressing the issues. 
• Independently generates solutions based on analytical skills and business knowledge. 
• Pursues a program of self-development using selected reading, seminars, and participation in continuing education. 
• Performs all duties and responsibilities as required by the company Security Policies and Procedures. 
• Identifies and communicates possible improvements in the work process for customers and peers. 
• Performs other duties as assigned by immediate supervisor or upper management 

Required Qualifications:

• Bachelor’s degree in a scientific or technical discipline required 
• 5+ years of technical, hands-on proficiency in multiple cybersecurity competencies (e.g. network security, systems security, application security, security operations) 
• 5+ years’ experience performing security technical testing or technical controls validation including documentation of testing methods and results 
• Experience implemented Vulnerability Management process to include configuration and scanning, reporting, and the remediation process 
• Qualys experience  
• Expertise developing API to include integrating API calls into applications and troubleshooting API issues 
• Knowledge of security standards and controls (e.g., NIST, CIS etc). 
• Proactive awareness of emerging cybersecurity threats and technologies
• Detail oriented with strong verbal and presentation skill
• Demonstrated proficiency with executive level presentations and status reporting 
• Excellent interpersonal, communication, and negotiation skills 
• Possesses research and analytical skills 
• Effective written and oral communication, technical writing and editing skills
• Ability to work independently with minimal supervision 

Preferred: 

• Security related certification (i.e. Security+, CISSP, GIAC, etc) 
• Experience implementing security controls to meet requirements of various security and privacy related standards and regulations such as SOC I/II, ISO 2700x, HIPAA, GDPR, HITRUST, etc 
• Defender Endpoint Detection and Response knowledge and experience.
• Knowledge of security controls related to infrastructure technology including enterprise storage, Windows and Linux Operation systems, ESX VMware, etc. 
• Usage of SIEM products (e.g., Sentinel) to collect data and investigate anomalies. 
• Understanding of using SIEM products (e.g., Sentinel) to collect data and investigate anomalies. 
• Experience in Security administration of cloud (Azure security). 

 Note:

• This role requires Monday-Friday, 8:00-5:00 ET schedule.