Sr. Vulnerability Management Engineer

Experis is partnering with a clients in the Frisco, McKinney, Plano area for Sr. Security Engineers with a strong background in Vulnerability Management.

Sr. Vulnerability Management Engineer

Terms : 3 Month Contract to Hire

Location : Hybrid

Compensation : 125K - 130K w / potential bonus

DESCRIPTION :

The purpose of Cybersecurity Engineering and Operations is to provide best in class and versatile security services to the enterprises.

Within the Cybersecurity Operations team, there are many agile squads that have distinct responsibilities.

The vulnerability management squad is focused to identify configuration and software vulnerabilities in the environment.

To assist with risk-based prioritization remediation efforts that can reduce the overall risk profile and to utilize vulnerability management success to drive operational change.

RESPONSIBILITIES :

The IT security engineer will be responsible for applying vulnerability management principles and best practices to proactively protect and maintain the confidentiality, integrity, and availability of the environment.

Ensures continuous vulnerability lifecycle management with detecting, monitoring, and reporting vulnerability data. Provides engineering support and enhancements for a global vulnerability management program. Support includes run books, scan templates, scan scheduling, scanning networks and advanced scanning authentication (secrets and certificates).

Drives requirements, evaluations, implementations, and troubleshooting of vulnerability management capabilities. These capabilities support a global vulnerability management program. Responsibilities include documenting engineering processes and practices that supports cyber security operations. Supports vulnerability management team with establishing individual goals that support overall objectives.

Assesses current and emerging threats, cyberattacks, and zero-day vulnerabilities that pose risks. Supports compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks.

Provides communication and interfacing with leadership, driving vulnerability management engineering best practices, and representing the technology risk management program.

Strategically architect vulnerability collection points and scanners that provide visibility and perspectives on the network. The network perspectives include public networks, location private networks (wired and wireless), data centers, DMZ networks, endpoints and IoT devices

Identified vulnerability data is aligned with asset management to identify critical assets combined with threat data to assist with completing a risk equation, or a risk value. The risk score is a compilation of many data sources that assist with identifying a certain population set to prioritize remediation.

QUALIFICATIONS :

8 years of experience in Cybersecurity with at least 4 years of vulnerability management experience working with tools such as CrowdStrike Falcon, Rapid 7, Qualys, Tenable (Experience in at least one of them) which includes implementation, upgradation, complex analysis, and integration in the production.

Experience in public cloud vulnerability management and understanding of public IP space and perimeters.

Problem solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity.

Information Security Certifications related to vulnerability management like CISSP, CISM or CRISC.

Experience in Information Security Risk Management frameworks and best practices for Vulnerability management, Risk Analysis, Reporting Metrics and Assessments.

ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.