Vulnerability Management

 
Location: Wood Dale, Illinois
Posted On: 10/9/2017
Job Code: Vulnerability Manage
Print
 
Job Description
 
Position Details:
Industry: Financial
Position: System Engineer-Vulnerability Management
Location: Wood Dale, IL 60191
Duration: Direct

Position Overview:
The Security Analyst (Vulnerability Management) works to protect data and system integrity with approved vulnerability scanning. This position reports to the Vulnerability Management Department Manager.
Oversight is achieved by monitoring and investigating potential security vulnerabilities and threats as reported by FRB’s security tools; performing security data analytics; identifying and addressing potential data loss channels; and staying apprised of potential security challenges through the gathering and processing of cyber intelligence.
The position will work closely with other Network Security Engineers and Information Services personnel to ensure appropriate controls are in place, and to ensure that security policies are being effectively employed.

Responsibilities & Duties:
Information Security Threat and Vulnerability Management
• Responsible for configuring vulnerability assessment tools, as well as performing scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
• Approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes.
• Identify and resolve any false positive findings in assessment results.
• Reporting Produce metrics and reporting on the state of system security, threat, vulnerability and patch management.
• Analyze data sources and recommend optimal data sources to provide relevant reporting.

Provide IT Governance metrics and reporting
• Oversee Remediation Activities:
o Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
o Recommend appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions.
o Validate remediation by reviewing application updates or deployed mitigations to verify resolution.
• Stakeholder Consulting:
o Provide security consulting services, as needed, to various projects.
o Build effective relationships with stakeholders who own and support applications, IT infrastructure, and operations. Gain commitment from stakeholders and project teams to implement recommended security controls.
o Perform duties & responsibilities specific to department functions & activities.
o Performs other duties & responsibilities as required or assigned by supervisor

Qualifications:
• Bachelor's degree in a related field and/or a minimum of 3-5+ years of experience in performing vulnerability assessments
• Technical network (e.g. CCNA, CCNP Security) and security certifications highly desirable
• Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).
• Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners).
• Experience using Nessus and/or Retina as the primary vulnerability scanners
• A solid understanding of network design and architecture
• Experience in scripting and powershell
• Expert understanding of the OSI model and TCP/IP
• Excellent written and verbal communication
• Excellent problem solving and troubleshooting skills

Client provides an engaging, dynamic work environment, an excellent compensation package including 401k, employee stock purchase plan, medical/dental, life insurance and more!
Category:IT  code:new
 
 
Job Requirements
 
 
CCNA/CCNP, Vulnerability, Linux, Windows, Active Directory, TCP/IP
 

Not Ready to Apply?
Contact Details
 
Recruiter
Krystal Gonzalez
 
Phone
 
 
LinkedIn