Desired Skills and Experience

  • Operate and improve the end-to-end vulnerability management process, including aspects of asset inventory, contextual approach to scanning, conducting risk and vulnerability assessment, and providing reporting and remediation guidance.
  • Operate Web Application security testing, and Static Code vulnerability analysis
  • Provide in-depth analysis of vulnerabilities and related impact to stakeholders.
  • Lead regular meetings with stakeholders to coordinate remediation efforts and clarify ownership.
  • Influence stakeholders to prioritize risk treatment for identified vulnerabilities.
  • Provide security reviews of change management tickets submitted by the organization to ensure remediation efforts are acted upon in a timely manner.
  • Serve as the subject matter expert for threat and vulnerability processes.
  • Assist with associated incident response, security administration, and security monitoring initiatives as requested.
  • Bachelor’s degree in related field
  • A minimum of 5 years of experience in IT and information security, 2 of which must be in information security
  • Must be a self-motivated, detail-oriented professional
  • Excellent communication, facilitation, and writing skills
  • Strong knowledge in a scripting language such as perl or python
  • Strong knowledge of Java or an equivalent programming language
  • Experience using JIRA is preferred but not required
  • Experience with security tools, including: vulnerability management tools such as Nessus, or Qualys, Symantec Endpoint Protection, Veracode or IBM Appscan, nmap, metasploit, core impact.
  • Expert understanding of operating systems (Windows, Linux, Mac, iOS/Android)
  • Experience with, and understanding of, the healthcare industry is preferred
  • Demonstrated ability to develop and report on metrics
  • Excellent communication, facilitation, and writing skills
  • Understanding of networks and network architecture

Apply