What are the responsibilities and job description for the Security Engineer - Vulnerability Management position at NITYA Software Solutions, Inc.?
Job Details
Role: Security Engineer - Vulnerability Management
Location: Mountain View CA (100% Onsite)
C2C
Security Engineer - Vulnerability Management Role |
Must-Have Skills (Non-Negotiable) - Vulnerability Management. |
DETAILED JOB DUTIES
Skill Set for Security Engineer - Vulnerability Management Role
Must-Have Skills (Non-Negotiable) Vul. Mgmt
- Identify, Analyze, and Prioritize the Impact of Vulnerabilities
- Assess and prioritize vulnerabilities based on real-world impact.
- Examples: Using risk-based factors beyond CVSS, incorporating threat intelligence and environmental factors.
- Tools: OWASP, SANS 25, AWS Security Hub, Tableau, Qlik Sense for risk assessment.
- Mitigation if Patch is Not Ready
- Implement compensating controls and temporary mitigations for unpatched vulnerabilities.
- Examples: Using WAF rules, network segmentation, access controls until a patch is available.
- Tools: AWS, Kubernetes, Docker Security Measures, Advanced WAF Configurations.
- Automating Future Detection
- Develop and implement automated detection mechanisms for vulnerabilities.
- Examples: Automating scans, continuous vulnerability assessment, and reporting.
- Tools: Python, Java, Ruby, Node, AWS Security Hub, JIRA, ServiceNow.
- Detecting Malicious Payloads
- Identify and prevent malicious payloads before execution.
- Examples: Using threat intelligence and behavioural analytics for payload detection.
- Tools: CrowdStrike, AWS GuardDuty, SIEM solutions.
- Blocking Advanced WAF Evasion Techniques
- Enhance Web Application Firewall (WAF) security to detect and block advanced evasion attempts.
- Examples: Implementing custom WAF rules and monitoring attack patterns.
- Tools: AWS WAF, Cloudflare, ModSecurity, Imperva.
- Automating Threat Responses
- Automate incident response workflows for detected vulnerabilities.
- Examples: Using security playbooks to trigger automated remediation actions.
- Tools: AWS Lambda, Python automation, SIEM integrations.
- Risk-Based Factors Beyond CVSS
- Consider additional risk factors beyond CVSS scores when prioritizing vulnerabilities.
- Examples: Evaluating exploitability, business impact, attack surface exposure.
- Tools: Threat intelligence feeds, vulnerability management dashboards.
Good-to-Have Skills (Preferred but Not Mandatory) Vul. Mgmt
- Cloud Security & Container Security
- Secure AWS, Google Cloud Platform, Kubernetes, Docker environments.
- Data Analytics for Security Posture Improvement
- Utilize Tableau, Qlik Sense, SQL for security data analysis.
- Experience in Influencing Secure Software Development
- Work with developers to build security-first applications.
