Sr. Security Engineer - Atlanta, United States - Datum Software

    Datum Software
    Datum Software Atlanta, United States

    Found in: Lensa US 4 C2 - 1 week ago

    Default job background
    Description
    Sr. Security Engineer

    Position Type:

    Contract

    Location:

    Atlanta, GA

    Qualifications

    :

    5+ years of experience in Qualys (VMDR), Policy Compliance and Vulnerability Management.

    2+ years of experience in Kenna Security, Vulcan, or equivalent solution.

    Scripting experience with PowerShell, python, rest API.

    Experience developing reports in MS Power.

    Experience working with IoT/OT technology.

    Working knowledge of cloud environments such as AWS, GCP, and Azure.

    Bachelor's degree in information security, Information Technology or Computer Science.

    Knowledge of vulnerability management, policy compliance, and web application scanning solutions.

    Basic understanding of regulatory structures such as PCI, PII, and GDPR.

    Creative and adaptive work ethic, with a strong customer-oriented attitude.

    Ability to clearly communicate and present to various levels of the organization.

    Strong organizational and analytical skills with attention to detail.

    Independent and self-motivated and very thorough work ethic.

    Ability to identify gaps in process and develop solutions.

    Experience crafting tools to improve efficiency performing routine tasks.

    Experience with Excel functions and extracting data using multiple criteria.

    Understanding of Vulnerability Management holistically as a program.

    Responsibilities:

    Building and growing a next-generation vulnerability management program.


    Providing remediation guidance and recommendations and coordinating with the Technology organization, IT and other teams as needed to provide oversight to the remediation and/or mitigation of enterprise vulnerabilities.

    Evaluate and deploy vulnerability reporting solution to aggregate and centralize all infrastructure, application, and container vulnerabilities.

    Extensive Windows, Mac, and Linux experience and common configuration deficiencies.

    Thorough understanding of desktop, server, application, database, and network security hardening principles and practices for threat prevention.

    Develop vulnerability reports and scorecards that define the current state of the corporate network security risk posture.

    Perform research and analysis of scheduled and on demand vulnerability assessments and post results.

    Research exploit techniques and mitigation strategies.

    Perform analysis of asset and vulnerability information to identify risks that were not discovered via automated scanning.

    Troubleshoot issues that may occur during automated network scanning, and or agent scans.

    Review public and private vulnerability notifications/disclosures, consume research findings, and prioritize remediation efforts.

    Integrate vulnerability management tools with other systems, such as CMDB, SIEM, Archer, PowerBI.

    Assist with implementing policy compliance tools to monitor compliance against CIS and other industry related benchmarks.

    Assist with implementation of IoT and OT security solution to Client and secure unmanaged assets.

    Develop rules to identify non-compliant resources in our cloud environments and create automations to remediate the non-compliant resources.

    "All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

    #J-18808-Ljbffr