Title: Threat and Vulnerability Management Engineer
Location: Duluth Georgia
Duration: 3-6 Months - Contract to hire
About Client Corporation
Client Corporation (NYSE: Client) is a global technology company leading how the world connects, interacts and transacts with business. Client’s assisted- and self-service solutions and comprehensive support services address the needs of retail, financial, travel, healthcare, hospitality, entertainment, gaming and public sector organizations in more than 100 countries. Client (www.Client.com) is headquartered in Duluth, Georgia.
Threat and Vulnerability Management Engineer
This role is part of Client’s Global Information Security team. This team is responsible for developing and implementing Client’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity and availability of information resources. Key information security functions and activities include architecture and design for Client information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment and testing, monitoring and metrics, incident management, and threat and vulnerability management.
The Threat and Vulnerability Management Engineer role is focused on the management, notification, testing and communication of threats to Client infrastructure and the identification of vulnerabilities within Client’s infrastructure. This requires full engagement with staff throughout Client's technology and business-related departments as well as external vendors and service providers.
Key Responsibilities
- Create, improve and perform threat and vulnerability management processes
- Conduct regular vulnerability testing on Client’s infrastructure
- Support and provide consulting for the organizations responsible for remediation
- Ensure potential vulnerabilities are assessed and, if applicable, promptly addressed
- Manage third party penetration testing and associated remediation activities
- Select and implement new threat and vulnerability management technologies
- Identify and champion improvements to policy, standards and procedures
- Support incident management activity as needed
Typical Duties
25%
Vulnerability Testing
30%
Remediation Support/Consulting
15%
Metrics/Reporting
10%
Threat Analysis
10%
Tactical Assignments
10%
Administrative Assignments
Skills and Qualifications
- Five years of experience in information security
- Two years of experience in threat and vulnerability management and/or analysis
- Bachelor's degree in Information Security, Computer Science, Computer Engineering, or related degree program
- CISSP certification preferred
- Strong communication skills and ability to work in a collaborative atmosphere
- Strong attention to detail
- Firm understanding of information security and attack types and methodologies
- Knowledge of and experience with Common Vulnerability Scoring System (CVSS)
- Experience working with vulnerability management tools (Qualys, Foundstone, Rapid7, etc.)
- Experience with custom scripting and automation is a plus
- Ability to deal with ambiguity and translate high level objectives into detailed tasks
- Ability to prioritize work with multiple, simultaneous work assignments
- Ability to weigh business risks and enforce appropriate information security measures
- U.S. Citizen or Permanent Resident
EEO Statement
Integrated into our shared values is Client's commitment to diversity. Client is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. This concept encompasses but is not limited to human differences with regard to race, ethnicity, religion, gender, culture and physical ability. Every individual at Client has an ongoing responsibility to respect and support a globally diverse environment.