Responsible for configuring vulnerability assessment tools, performing scans, researching and analyzing vulnerabilities, identifying relevant threats, providing corrective action recommendations, summarizing and reporting results
Automation of Scanning schedules using scripting or programming languages like Python, Shell/BASH scripting, or other languages. Identify feature requests/enhancements and work to incorporate key asks on the technical roadmap
Design/ build, of orchestration, automation solutions in VM stack and/or container stacks i.e., public cloud services (Azure & AWS) incorporating security and achieve continuous security scanning objective
Facilitate lessons learned for vulnerability incidents and root cause analysis for operational deficiencies with security infrastructure (e.g. missing patches, config mismatch, etc.).
Develop recommendations to baseline scanning tool security configurations for operating systems, applications, and networking equipment.
Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology partners and support teams.
Design and deliver actionable dashboards and scorecards.
Review and coordinate changes to patching policies, procedures, standards, and audit work programs in a continuous improvement model.
Partner with stakeholders who own and support applications, IT infrastructure, and operations
Develop and manage the technical roadmap for the Vulnerability Management Service.
Tenable IO (Vulnerability scanning tool) experience is mandatory
5+ years of hands-on experience in AWS and Microsoft Azure configuration and administration of security features.
Container security tools experience (Twistlock) will be an added advantage
CEH, CISSP and/or equivalent certifications are preferred.