Note: The job is a remote job and is open to candidates in USA. Hudson IT and Manpower is seeking an Information Security Engineer specializing in Vulnerability Management. This role is responsible for supporting day-to-day data security operations, enhancing the network vulnerability management program, and leading security initiatives across the organization.
Responsibilities
- Define, deliver, and support enterprise security tools and architecture in collaboration with other teams
- Enhance the Bank's network vulnerability management program for in-scope subsidiaries and affiliates
- Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program
- Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities
- Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation
- Proactively monitor and investigate security alerts from managed security service providers and in-house security tools
- Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems
- Support ad hoc requests for reporting and control evidence, as needed
- Perform threat analysis and incident response by interpreting events
- Support the Bank's operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program
- Share knowledge and industry best practices with team members
- Serve as a security engineer/consultant on projects
Skills
- Excellent communication and presentation skills, and a proven background of presenting to senior leaders, large groups, etc. on relevant matters pertaining to large projects and impacting key functionality
- Lead and Implementation Experience
- Performing referral to principle
- Proven consistent experience in vulnerability management, security engineering, security consulting etc
- Proven experience with proactive threat management, research, escalation, discovery etc
- Solid understanding of popular security tooling and understanding of security architecture/interconnectedness of processes and tooling
- CISSP, CISA, CISM, AWS Solutions Architect certifications
- GRC/audit management experience
- Scripting/automation experience – python preferred
- Solid proven experience with tooling such as Qualys, Brinqa, Archer, ServiceNOW, Checkmarx, Prisma (and any AWS experience is great as well)
Benefits
- Medical, dental, and vision insurance coverage
- Optional life and disability insurance provided
- 401(k) with a company match and optional profit sharing
- Paid vacation time
- Paid Bench time
- Training allowance offering
- You’ll be eligible to earn referral bonuses!
Company Overview