Vulnerability Management Engineeer
Our client is looking for Vulnerability Management Engineer for their core technology risk group, who secure this revered financial institution against cyber threats.
Responsible for detecting and preventing attempted cyber intrusions against the firm, helping to develop more secure applications and infrastructure, developing software, measuring cybersecurity risk, and designing and implementing cybersecurity controls. The team manages the lifecycle of vulnerabilities within the firm’s technologies, including vulnerability discovery, risk assessment, and treatment. They are a team of security, software and product engineers that allow the firm to respond appropriately to cyber security risks through the use of detection, design and development.
You will develop, architect, and deploy on premise and cloud solutions for vulnerability management. This role requires you to drive proactive identification of vulnerability detection requirements across the organisation. The ideal candidate will have strong cyber security engineering experience, preferably with vulnerability management tools such as Qualys or Nessus; hands-on technical skills on Amazon Web Services, Azure, containers, orchestration tools, and Splunk, with a good understanding of Windows, Linux, MacOS, TCP/IP, Network Security, and Python.
- Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support
- Contribute to vulnerability management strategy and automation
- Collaborate with various engineering teams to understand the vulnerability management needs and collectively develop remediation and mitigation strategies
- Perform vulnerability management product POCs as per the defined requirements
- Work on automated vulnerability scanning using scanners and agents in the public cloud
- Improve the security sensors by looking for opportunities to tune the vulnerability detection controls and coverage effectiveness
- Lead the security projects/tasks assigned by taking ownership of planning, implementation & coordination
- Script in languages such as Python, Java, and Shell Script to build workflows and automation of scan data
- Maintain knowledge and skillset relevant to trends in the industry
Technical Experience and Knowledge
- Minimum 3-5 years of security experience, specifically around organisational security and vulnerability management.
- Demonstrated understanding of infrastructure components and cloud vulnerability scanning
- Scripting and/or programming skills (e.g., Python, PowerShell, Java, JS, etc.)
- Strong presentation skills
- Strong English verbal and written communication skills
- Ability to multitask and prioritize work effectively
- Highly motivated self-starter
- Responsive to challenging tasking
- Attention to detail
- Strong sense of ownership and driven to manage tasks to completion
- Work experience on any major public clouds such as AWS and Azure.
- Advanced understanding of Linux Operating Systems
- Designing Cloud architecture including scanner and agent placement and communication strategies.
- In-depth understanding of any vulnerability scanning tools such as Qualys, Prisma Cloud, Rapid7, AWS Inspector
Apply for this role
All fields marked with * are required.