A large healthcare company is seeking an experienced Vulnerability OT, IoT and AI Scanning Engineer to join its enterprise Endpoint Vulnerability Management security team. The client is over $370Bn in revenue and operates over 9,000 locations. They are dedicated to putting people first from their customers to their employees, engaging with customer feedback to further innovate to provide the best care possible, simplifying processes for care, creating a trusting environment, and to creating the safest and highest quality of care to keep patients protected. The client is dedicated to giving back to those around them. They have stared a Foundation to provide financial support to the communities to help with areas such as maternal health, mental health, scholarships, free health services/screenings, etc.
The Vulnerability OT, IoT and AI Scanning Engineer will lead efforts in identifying, assessing, and mitigating security vulnerabilities in Operational Technology (OT), IoT (Internet of Things) devices and AI/ML (Artificial Intelligence/Machine Learning) systems. The team does not currently have someone focused in AI/IoT so this resource will be helping shed light on what scan types can be used in these areas and conducting the scans. This role involves designing and implementing robust scanning mechanisms, analyzing vulnerabilities, and collaborating with cross-functional teams to ensure security best practices are followed throughout the lifecycle. Additionally, this role will also contribute to advancing our Continuous Threat Exposure Management program to reduce overall risk exposure. They will be given a framework to follow to assess what risk level is associated. The client is currently using Qualys Attack Surface Management (ASM), Wiz and Prisma, but can take someone that has exposure to Rapid 7, Tenable etc. They will also perform root cause analysis for failed scans, perform scans in Qualys and help consolidate Qualys scans to manage them better and be more efficient.
________________________________________
Key Responsibilities:
Vulnerability Management
Design, develop, and maintain automated vulnerability scanning solutions for OT, IoT and AI/ML systems.
Conduct vulnerability assessments leveraging scanning tools and custom scripts for IoT and AI models.
Identify, prioritize, and report vulnerabilities to stakeholders while recommending actionable mitigation strategies.
Perform contextual risk analysis to assess vulnerabilities and threats against environmental, business and asset risk factors.
Leverage the results of the analysis to recommend risk-based remediation prioritization.
Monitor and analyze security vulnerabilities in IoT firmware, communication protocols, APIs, and AI models.
OT and IoT Security
Partner with the penetration testing team to perform assessments on OT, IoT devices, embedded systems, and connected ecosystems.
Assess risks associated with insecure communication channels, firmware updates, and hardware vulnerabilities.
Analyze and evaluate IoT communication protocols (MQTT, CoAP, Zigbee, etc.) for potential threats.
Develop methodologies to test and audit IoT device security, including physical and wireless interfaces.
AI/ML Model Security
Conduct vulnerability assessments on AI/ML models, ensuring protection against adversarial attacks and model poisoning.
Identify and mitigate model vulnerabilities such as data leakage, model inversion, and backdoor attacks.
Collaborate with AI/ML engineers to integrate security-by-design principles during model development.
Continuous Threat Exposure Management (CTEM)
Implement and maintain a Continuous Threat Exposure Management (CTEM) framework that identifies, assesses, and mitigates threats in real time.
Utilize Attack Surface Management (ASM) tools to proactively discover shadow IT, misconfigured services, and exposed assets.
Continuously monitor the attack surface, identifying security gaps, misconfigurations, and zero-day vulnerabilities.
Develop workflows to prioritize and mitigate potential threats based on severity, exploitability, and business impact.
Evaluate new and evolving threat vectors, ensuring security controls are updated accordingly.
Security Automation and Scripting
Develop custom scripts and automation tools to enhance vulnerability scanning and testing processes.
Utilize Python, Bash, or other scripting languages to automate repetitive tasks and enhance efficiency.
Integrate scanning tools with CI/CD pipelines to ensure continuous security in the development lifecycle.
Threat Intelligence and Risk Assessment
Stay up to date on emerging threats and vulnerabilities in IoT and AI/ML ecosystems.
Incorporate threat intelligence feeds and frameworks (MITRE ATT&CK, Cyber Kill Chain) to simulate adversary behavior and predict possible attack vectors.
Collaborate with red and blue teams to conduct threat simulations and refine incident response capabilities.
Analyze threat actor tactics, techniques, and procedures (TTPs) to improve monitoring and detection strategies.
Analyze potential threats and assess risk to proactively mitigate vulnerabilities before exploitation.
Collaborate with incident response teams to address zero-day vulnerabilities in IoT and AI environments.
Compliance and Policy Adherence
Ensure compliance with security standards such as NIST, ISO 27001, and PCI-DSS as they pertain to IoT and AI.
Document vulnerability findings and remediation efforts in accordance with industry best practices.
Compensation:
$50/hr to $57/hr.
Exact compensation may vary based on several factors, including skills, experience, and education.
Employees in this role will enjoy a comprehensive benefits package starting on day one of employment, including options for medical, dental, and vision insurance. Eligibility to enroll in the 401(k) retirement plan begins after 90 days of employment. Additionally, employees in this role will have access to paid sick leave and other paid time off benefits as required under the applicable law of the worksite location.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
-35+ years of experience in vulnerability management, penetration testing, and security assessments for IoT and AI/ML environments.
-hands-on with vulnerability scanning and penetration testing frameworks like Nessus, Qualys, Metasploit, or similar tools.
-scripting and automation using Python, Bash, or PowerShell
-Proficiency in IoT security testing tools such as Shodan, Burp Suite, and Wireshark.
-Strong knowledge of AI/ML security techniques, including adversarial ML and model integrity analysis.
-Hands-on experience with communication protocols used in IoT environments (e.g., MQTT, Zigbee, CoAP, Bluetooth).
-Bachelors degree in Computer Science, Cybersecurity, Electrical Engineering, or a related field.
-OSCP, CEH, or GPEN for penetration testing.
-GIAC GICSP or IoT Security Certifications.
-Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP).
-AI/ML-related certifications such as TensorFlow Security or AI Security certifications.