Senior Threat & Vulnerability Management Engineer
Remote - USA
Applications have closed
Plastiq
Manage your cash flow, automate your payables, and start accepting payments with no fees - all in one place. Plastiq simplifies your payments.
As a Threat, Asset, and Vulnerability Management Engineer, you will work closely with stakeholders to ensure detection, visibility, and observability of threat, asset, and vulnerability management goals are met.
Your Responsibilities
- Assist in configuring vulnerability assessment tools & services as well as scan execution, researching, analysis, corrective actionable recommendations, and summarizing with reporting results.
- Maintain awareness of emerging threat actors, patterns, and techniques
- Assist in asset inventory management
- Engage with a broad variety of stakeholders to understand the respective processes to ensure actionable tickets are filed correctly
- Monitor, understand, and prioritize vulnerabilities uncovered by DAST, SAST, IAST, fuzzing, variant analysis, and third party security researchers
- Perform threat modeling and actor profiling
- Coordinate scanning activities with cross functional teams and collaborate with all levels of the organization
- Communicate scanning results and remediation plans to stakeholders
- Provide actionable guidance for vulnerability remediation. Identify and eliminate false positives and false negatives.
- Assist in TAVM tools, services, and platforms
Minimum Experience Requirements
- 5+ years of professional information security/security engineering/software development experience and at least 2 years of professional vulnerability management experience
- Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security)
- Experience with a wide variety of vulnerability identification tools
- Must be well versed in development lifecycles rom a threat, asset, and vulnerability perspective
- Well versed in operating systems such as Linux as well as MacOS environments, microservices on cloud native stacks, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability management
- Experience with vulnerability scanners, vulnerability management systems, patch management and cloud-based / host-based security systems
- Knowledge of vulnerability scoring systems (CVSS)
- Must possess excellent verbal and written communication skills
- Ability to learn new technologies
Your Nice to have Experience
- Technical network (e.g. CCNA, CCNP Security) and security certifications highly desirable (e.g. OSCP, CISA, CISSP, GCIH)
Tags: Application security Audits CCNP CISA CISSP Cloud CVSS DAST Encryption FinTech GCIH Linux MacOS Microservices Monitoring OSCP SAST TCP/IP Vulnerabilities Vulnerability management
Regions:
Remote/Anywhere
North America
Country:
United States
Job stats:
8
0
0
Categories:
Security Engineering Jobs
Threat Intel Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs