HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide.
OverviewThe Vulnerability Threat Engineer III will be part of a team that is responsible to identify, classify, advise, track remediation and help to mitigate security risks and vulnerabilities that may result in harm or disruption to the Company.
Responsibilities- Utilize a vulnerability assessment playbook and document runbooks according to industry best practices
- Coordinate with internal security testers and other stakeholders for reporting on security bugs within internally developed applications
- Perform application vulnerability testing; static and dynamic code analysis to support the Dev Ops process
- Define compensating controls as well as remediation tasks to mitigate risk of vulnerabilities
- Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration or destruction of customer information
- Produce vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
- Conduct vulnerability assessments, red teaming and penetration testing to identify weaknesses and countermeasures
- Perform attack surface reviews and multilayer defense systems to prevent exploits, detect and intercept attacks, and discover threat agents
- Leverage software tools to aid in the discovery and removal of vulnerabilities in a system
- Provide timely vulnerability assessment reports to key stakeholders
- Ensure timely follow-up with patch management and vulnerability remediation
- Simulate attack vectors using different TTPs leveraging variety of manual and automated tools
- Configure and review logs & alerts from automated threat intelligence tools
- Work with the SOC Engineers in the incident response process to provide threat hunting capability
- Participate in on-call rotations with other team members.
EducationBachelor's degree in computer science or related work experience.
Required Skills & Experience
- Bachelor's degree in a related field and/or a minimum of 3 years of equivalent experience
- Minimum of 2 years of experience in performing vulnerability assessments and penetration tests
- Experience running & managing automated vulnerability scanning and related tools
- Knowledge of standard vulnerability & exploit framework (ex: CVSS, OWASP Top 10)
- Experience securing multiple platforms and operating systems
- Expertise of industry standard threat and vulnerability controls
- Solid understanding of network design and architecture
- An understanding of security frameworks: ISO 2700X, NIST, CIS
- Cross platform programming and/or scripting is a plus
- One of the following active certifications: GPEN, OSCP, CEH
In exchange for your expertise, HireRight offers an excellent employee benefit package which includes:
- Medical
- Dental
- Vision
- Paid Life/AD&D Insurance
- Voluntary Life Insurance
- Short & Long Term Disability
- Flexible Spending Accounts
- 401K
- Generous Vacation and Sick Program
- 10 Paid Holidays
- Education Assistance Program
- Business Casual Attire
- Generous Referral Program
- Employee Discounts and Rewards
- And much more!
Curious? Contact us and show us that you are the tech professional we are looking for!
*All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.
HireRight, LLC is an Equal Opportunity Employer
Minorities / Females / Veterans / Disabilities
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
HireRight does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of HireRight and HireRight will not be obligated to pay a placement fee.
Employment Type: FULL_TIME