Information Security Senior Engineer/Developer

---

Job description

*We are unable to sponsor as this is a permanent full time role*

*All Employees must be Covid-19 Vaccinated.*

A prestigious fortune 500 company is on the search for an Information Security Senior Engineer/Developer. This can be a remote position. They need someone with Python Scripting and have a good background in security with either infrastructure or networking. This role is revolved around automation so they can scan network devices, operating systems, databases, etc. They will detect vulnerabilities and misconfigurations.

Responsibilities:

• Provide subject matter expertise in Vulnerability and Compliance Scanning for on-prem and cloud Infrastructure, as well as enhanced vulnerability analysis and contextual feedback to support the resolution of discovered vulnerabilities and facilitate risk awareness. In this role, the candidate will deploy and administer various scanning solutions or automations to ensuring completeness and maintain scan coverage.
• Vulnerability Discovery
• Scanning of infrastructure and network devices, operating systems, databases, and wireless to detect vulnerabilities and misconfigurations
• Create custom scans and scan policies, tune settings for optimal performance and troubleshoot scan issues
• Provide enhanced vulnerability analysis and contextual feedback to stakeholders for discovered vulnerabilities or misconfigurations.
• Investigate false positive findings
• Report metrics for scan coverage and discovered misconfigurations or misconfigurations
• Deploy, maintain, and tune scanners to meet current and future needs
• Troubleshoot issues with the scans, credentials, agents, policies
• Update scan zones to include new network ranges
• Baseline Security Configurations
• Develop custom audit scripts for automated monitoring of approved Baseline Security Configurations (BSC) for Servers, workstations, network devices, databases, etc.
• Develop scripts, automations, tools, or methodologies to enhance the team's processes and capabilities, and reduce toil
• Create/update runbooks and SOP documentation

Qualifications

• Minimum of 5-7 years hands-on experience, working with security tools and performing vulnerability, and compliance scanning
• Must be proficient with Scripting languages - Python, Bash, PowerShell
• Must have expert knowledge of Linux and Windows operating systems, and cloud technologies
• Must have advanced knowledge in networking and databases
• Must have solid understanding of deploying and maintaining scanning infrastructure
• Experience leading projects and initiatives
• Required certifications: CISSP, AWS/GCP/Azure