- Function: Information Security
- Job Ref: 219446
• Performs discovery scanning via the Vulnerability Management Platform (scheduled and ad-hoc)
• Provides gap analysis to compare the list of known resources so gaps can be investigated and owners identified
• Identifies resource types (e.g. router, desktop computer, server, network switch, firewall, etc.), operating systems, and whether active services are "Enterprise" level
• Tracks via remediation management system and provides a wiki-style format to capture recommendation, analysis and facts, and links to other research
• Populates data visualization tool (such as Tableau, Brinqa, and Hygieia) for reporting vulnerability metrics by system and owner
• Researches vulnerabilities to determine attack vectors and possible vulnerable targets and launches specific scans and reports for that vulnerability in VM scanning tool(s).
• Coordinates with business, IT teams, and Technology Risk Management (TRM) to remediate compliance findings in a timely manner while addressing risk reduction objectives
• Defines, manages, and measures security configuration baselines in line with internal policies/standards and CIS benchmarks
• Defines and manages cloud specific technical security policies (CSA security guidance)
• Bachelor’s degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
• 3 years of hands-on technical security engineering experience
• Certifications: CISSP, CISM, CISA, CEH, GCIH, GSEC, GCFA, GREM, CCENT
• Ability to install, configure, troubleshoot, and administer VM Platform(s). (Ex.Tanium, Tenable, Coverity, Brinqa, etc.)
• Experience with Tanium programming or creating custom configurations within Tanium
• Experience with dynamic and static code analysis experience (e.g. QualysWAS, SAST tools, Tenable)
• Experience with security configuration checklists (e.g. CIS Benchmarks and CSA security guidance)
• Familiarity with NIST Special Publications (e.g. 800-171,800-53, CSF)
• Familiarity with PCI DSS Compliance standards and scanning practices
• Ability to code and script Python, SQL, BASH, or PowerShell
• Ability to configure and use technical assessment tools such as Tanium Comply and Tenable Nessus
• Deep understanding of the technical architecture of IT systems built using Windows, UNIX, Linux, Solaris, VMware, Citrix, Oracle, and MySQL platforms
• Experience and knowledge in cloud and Kubernetes environments. (Azure Kubernetes Service, IBM Kubernetes service, Oracle Cloud Infrastructure, etc..)
• Experience in DevOps Toolchain methodologies, including Continuous Integration and Continuous Deployment
• 5+ years of hands-on technical security engineering experience
• Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups; strong
• presentation and technical documentation skills
• Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills
• Ability to work well within a team environment, as well as independently
Candidates will be responsible for following the client's COVID-19 protocols. Please refer to your MATRIX representative for specifics.
At MATRIX, we expertly match talented professionals with job opportunities to elevate careers. Since 1983, we have placed thousands of professionals at innovative clients across every industry ranging from small startups to Fortune 50 companies. It’s why we’re consistently in the top 25 of all U.S. IT staffing firms and why our consultants rate us well above the industry average, earning us ClearlyRated's Best of Staffing awards year after year. People come to us for a job, and stay with us because of our top-notch consultant care.
MATRIX is and Equal Employment Opportunity employer including disability and veteran and provides reasonable accommodations for all qualified individuals. Supporting medical or religious documentation will be required where applicable. If you are a qualified individual you may request a reasonable accommodation under the American Disability Act (ADA). If you are a person with a disability needing assistance applying, or at any point in the hiring process, please email us at MATRIX_HR@MatrixRes.com. To ensure a quick response to your request, please use the words “Accommodation request” as the subject line of your email.
For hourly W2 contract roles MATRIX offers a highly competitive benefit package including Medical, Dental, Vision, Life, Disability, HSA, and 401(k) with pre and post-tax options. Please see MatrixRes.com/Benefits for more information.
For direct hire placement with our clients, benefits would be offered in accordance with that particular client’s offerings. This may include PTO, Medical, Dental, Vision, 401K and other pre and post-tax options.