Vulnerability Management Engineer

Duties & Responsibilities:

• Expert-level knowledge of leading vulnerability scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.)
• Utilizing a strong understanding of TCP / IPv4 addressing, ports, protocols, services, DNS, DHCP, NAT, PAT, subnetting, and CIDR.
• Utilizing knowledge of various network devices including routers, switches, firewalls, IDS / IPS, load balancers, proxy servers, and network taps.
• Vulnerability Identification (including awareness of current vulnerabilities and patches) Manipulating data within files (XML and CSV for example) and between files utilizing knowledge of scripting using Python, Perl, and other.
• Risk bases analysis and prioritization by leveraging AI/ML where applicable.
• Driving resolution, patching including developing best practices
• In-depth experience supporting enterprise vulnerability management across IaaS, PaaS, and/or SaaS.
• Excellent overall understanding of cybersecurity vulnerabilities and threats to include identification and patching.
• Engineer, test, and deploy custom solutions for reducing vulnerabilities through automation across endpoint estate.
• Expert knowledge of system, application, and database hardening techniques and practices.
• Experience conducting all-source analysis, managing and tracking analytic production
• Recommend and support remediation/resolution activities associated with any discovered vulnerability in accordance with IBM Standards.
• Conduct vulnerability scans and assessments at the network, operating system, database, and application levels. Be able to create custom profiles in the vulnerability scanning tools and run scans on-demand basis or be able to schedule them.
• Perform vulnerability scanning and analysis to eliminate false positives and to aggregate findings by specific best practice criteria.
• Strong understanding of vulnerability management and security testing practices and methodologies.
• Manage and track hands-on resolution efforts with the operational support team.
• Developing unique solutions to challenging technical problems.
• Oversees, evaluates, and matures the intelligence of data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within the IBM environments (on-premise and cloud) for the purposes of mitigating threats. Ensure vulnerabilities are identified as early as possible and mitigated.
• Perform other duties as necessary or as required.

Required Skills:

• 5+ years of professional work experience with technical aspects of network, servers and web vulnerability management solutions
• At least 5 years’ experience in perform vulnerability assessments, analysis, and reporting
• 5+ years of (hands-on) experience in using vulnerability scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.)
• Experience in both Windows and Linux environments
• Ability to develop and maintain positive relationships with other technology teams/stakeholders Good understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation
• Deep understanding of network and web vulnerability scanning application outputs
• Expertise in network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts
• Bachelor’s degree in Computer Science, Engineering, or equivalent experience
• Knowledge of Scripting and/or programming skills (e.g., Python, PowerShell, Java, JS, etc.)
• LinkedIn is Mandatory