An employer is looking for a Vulnerability Management Engineer for a remote, contract opportunity, with possible hire. The client is a bank holding company and the Vulnerability Management Engineer will be supporting the IS Compliance space, particularly remediation. They will be responsible for performing all functions required to support day-to-day data security operations and accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents. The Engineer will work with individuals from other parts of the organization, raising flags as to vulnerabilities and consulting them to a successful resolution. Because of this, the Engineer must have extensive understanding of vulnerability management and exceptional communication skills.
While the role is remote, the team works EST hours and therefore it is preferred that this candidate sit in EST or CST hours currently.
Primary Responsibilities:
Define, deliver, and support enterprise security tools and architecture in collaboration with other teams.
Enhance the Bank's network vulnerability management program for in-scope subsidiaries and affiliates.
Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program.
Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities.
Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation.
Proactively monitor and investigate security alerts from managed security service providers and in-house security tools.
Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems.
Support ad hoc requests for reporting and control evidence, as needed.
Perform threat analysis and incident response by interpreting events.
Support the Bank's operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program.
Share knowledge and industry best practices with team members.
Serve as a security engineer/consultant on projects.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
8 years' overall experience in Information Technology
At least 5 years' experience deep focus in Information Security, particularly vulnerability management
Experience with a vulnerability scanning tool (Qualys, Brinqa, Nessus, etc.)
Recent Security certification (CISSP, CISA, CISM)
Exceptional and proven communication skills
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.