Security Ops Engineer

Job Description

Job Description

About the job

As aVulnerability Management and Remediation Engineer, you will work closely with the Application Lifecycle Management team to identify, analyze, and remediate vulnerabilities in our software applications. You will utilize your hands-on experience with Vulnerability Scanning & Management tools such as Nexpose, Tenable, AppScan, Prisma Cloud, and Kenna Security to conduct comprehensive vulnerability assessments.

What you’ll do

• Lead and drive remediation efforts with business units and various areas of IT to enhance the efficiency of the client’s vulnerability management processes.
• Articulate risk and impact to internal stakeholders, effectively conveying the urgency and need to remediate vulnerabilities based on the risk they pose to the client and client IT.
• Analyze application vulnerabilities, determine their cause and impact, and identify necessary corrective actions to eliminate and prevent future occurrences.
• Perform vulnerability reproduction and validate fixes for reported vulnerabilities, providing comprehensive technical guidance and advice to internal stakeholders as needed.
• Engage actively with internal stakeholders, including development, IT, product owners, legal, corporate communications, and relevant cybersecurity teams, to manage holistic response and remediation efforts for identified vulnerabilities.
• Collaborate with business units to determine reporting and metrics needs, and share and present reporting and metrics to cybersecurity and management.
• Possess strong knowledge of vulnerability assessment tools such as Qualys, InsightVM, InsightAppSec, or similar tools, including configuration, maintenance, scan execution, and agent deployment.
• Conduct vulnerability scans at the network, operating system, database, and application levels for both internal and external systems within the organization.
• Build and maintain metrics and key performance indicators (KPIs) for vulnerability management, including scan coverage and compliance against defined service level agreements (SLAs).
• Demonstrate strong knowledge of UNIX operating systems, command line usage, and system administration.
• Establish multiple relationships with senior-level customers and managers across the organization, serving as a respected technical interface internally and externally to deliver and enhance the service.
• Analyze threat and vulnerability feeds, and assess data for applicability to the organization.
• Conduct vulnerability assessments, red teaming, and penetration testing to identify weaknesses and develop countermeasures.

What you’ll need

• Bachelor’s degree in Computer Science, Information Technology or related field.
• 2-4 years of related experience in Security Operations, Application Lifecycle Management, Application Security, Penetration Testing, and/or Incident Response.
• Hands-on experience with Vulnerability Scanning & Management tools such as Nexpose, Tenable, AppScan, Prisma Cloud, Kenna Security.
• Program management experience in a technology/software company is required.
• Familiarity with Coordinated Vulnerability Disclosure (CVD), Common Vulnerability Scoring System (CVSS), MITRE Common Vulnerabilities and Exposures (CVE) systems, and OWASP Top 10.
• Hands-on experience with web security testing tools, such as Burp Suite, nmap, SSL scan.
• Advanced English language proficiency.

Why AspireIn addition to a competitive long-term total compensation with salary and performance-based bonus, we have a reward philosophy that expands beyond this. 

• Be part of a (Remote is here-to stay) organization.
• Work and learn from great minds.
• Explore new opportunities to learn and grow everyday by attending technical and nontechnical training.
• Get market exposure by working with international tech leaders. 
• Nursery reimbursement benefit. 
• Aspire Wellness Program. 
• Attend virtual and onsite international tech conference.