Information Security Engineer - Vulnerability Management

American Red Cross
Washington, DC
Oct 22, 2020
Oct 30, 2020
Full Time
By joining the American Red Cross you will touch millions of lives every year and experience the greatness of the human spirit at its best. Are you ready to be part of the world's largest humanitarian network? Job Description: We are actively seeking and experienced Vulnerability Management Analyst to join our Information Security team. In this role, you will be responsible for monitoring and reviewing vulnerability and compliance scan results. Performing detailed research and analysis of scheduled and on demand vulnerability assessments and post results to the system owners. Communicating to the leadership the vulnerability posture of the organization assisting the organization with lowering the overall risk posture for threats to the systems and data. Qualified candidates will have a background in security or systems engineering. Responsibilities: Collaborate with InfoSec engineers to review, assess and provide remediation recommendations regarding discovered vulnerabilities and their potential impact to the organization. Communicate with system owners the recommended remediation actions providing a comprehensive remediation solution as a collaborative effort to lower the risks to the organization. Establish communications with the organization for the release of newly identified vulnerabilities. Conduct research and evaluate technical and cyber threat intelligence to develop in-depth analysis and assessment on threats to vulnerabilities Track progress of vulnerability remediation with responsible system owners and\or support teams. Coordination with system owners to ensure remediation efforts are consistent with policy and escalate instances of non-compliance. Provide organizational vulnerability reporting to leadership with tracking, remediation efforts, etc. Typically has other unit-specific duties within the scope of the job Required / Preferred Qualifications: Strong technical skills with Microsoft Windows Server systems hardening, auditing and logging Technical Experience working with Linux Operating Systems Experience with large-scale Vulnerability Management Programs and supporting a organization with threat analysis Demonstrate advanced understanding of the principles of vulnerability assessments Experience with Vulnerability assessment tools (Qualys) Strong verbal and written communications skills with the ability to explain technical issues to non-technical audiences Must be a strong team player with a willingness to share information and train others; act as a mentor to less seasoned team members Must be a self-starter, with the ability to work with minimal direct supervision Must be highly organized and capable of prioritizing work loads Must be experienced in developing and presenting solution recommendations Occasional after-hours work and participation in on-call rotations is required Project Management skills a plus Education: 4-year college degree or equivalent combination of education and experience Computer Science, Computer Engineering, or related field Experience: Minimum 3 to 5 years required Essential Functions/Physical Requirements: Depending on work assignment, may require ordinary ambulatory skills sufficient to visit other locations; or the ability to stand, walk and manipulate (lift, carry, move) light to medium weights of up to 20 pounds. Requires good hand-eye coordination, arm, hand and finger dexterity, including ability to grasp, and visual acuity to use a keyboard, operate equipment and read technical information. Overall mobility is essential. May include sitting for long periods of time, driving a vehicle and working under challenging conditions. Work Conditions: Work is performed indoors with some potential for exposure to safety and health hazards related to emergency services relief work. May travel and participate in meetings and conferences throughout chapter jurisdiction, state and Red Cross system. Because the Red Cross is a disaster response organization, staff may be asked to be on 24-hour call during period of major disaster. Apply now! Joining our team will provide you with the opportunity to make a difference every day. The American Red Cross is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law. The American Red Cross is a diverse nonprofit organization offering its employee's professional development and growth opportunities, a competitive salary, comprehensive benefits, and a collaborative team spirit environment. To be considered for this position, please to apply. To view the EEOC Summary of Rights, click here: Summary of Rights