Leverage the latest technology to solve business problems in a collaborative environment at this Fortune 500 transportation giant. Top technical resources are retained on long term contract engagements.
Position: Vulnerability Engineer
Location: Fort Worth, TX
Term: 8 months
- Perform discovery scanning via the Vulnerability Management Platform (scheduled and ad-hoc).
- Provide gap analysis to compare the list of known resources so gaps can be investigated and owners identified.
- Identify resource types (e.g. router, desktop computer, server, network switch, firewall, etc.), operating systems, and whether active services are "Enterprise" level.
- Populates data visualization tool (such as Tableau, Brinqa, and Hygieia) for reporting vulnerability metrics by system and owner.
Is this a good fit? (Requirements)
- Required Qualifications.
- Bachelors degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training.
- 3 years of hands-on technical security engineering experience.
- Certifications: CISSP, CISM, CISA, CEH, GCIH, GSEC, GCFA, GREM, CCENT.
- Ability to install, configure, troubleshoot, and administer VM Platform(s). (Ex.Tanium, Tenable, Coverity, Brinqa, etc.).
- Experience with Tanium programming or creating custom configurations within Tanium.
- Experience with dynamic and static code analysis experience (e.g. QualysWAS, SAST tools, Tenable).
- Experience with security configuration checklists (e.g. CIS Benchmarks and CSA security guidance).
- Familiarity with NIST Special Publications (e.g. 800-171,800-53, CSF).
- Familiarity with PCI DSS Compliance standards and scanning practices.
- Ability to code and script Python, SQL, BASH, or PowerShell.
- Ability to configure and use technical assessment tools such as Tanium Comply and Tenable Nessus.
- Deep understanding of the technical architecture of IT systems built using Windows, UNIX, Linux, Solaris, VMware, Citrix, Oracle, and MySQL platforms.
- Experience and knowledge in cloud and Kubernetes environments. (Azure Kubernetes Service, IBM Kubernetes service, Oracle Cloud Infrastructure, etc..).
- Experience in DevOps Toolchain methodologies, including Continuous Integration and Continuous Deployment.
- Preferred Qualifications:
- 5+ years of hands-on technical security engineering experience.
- Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups; strong presentation and technical documentation skills.
- Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills.
- Ability to work well within a team environment, as well as independently.