Vulnerability Management Engineer
With Atos in Atlanta GA USMore jobs from Atos
Posted on March 14, 2019
About this job
Job type: Full-time
Role: System Administrator
security, sysadmin, linux
The North American Cyber Security Division of Atos is currently looking for a Vulnerability Management Engineer (VME) to join their team and be a part of a transition and engineering team responsible for delivering the Atos Prescriptive Cyber Security solution to customers across North America.
As a Vulnerability Management Engineer, you will be a vulnerability and compliance deployment specialist for a very diverse client base. You will be working with a team that is responsible for the deployment of Tenable Nessus solutions, vulnerability process standup, change execution, and the maintenance and support of various vulnerability management technologies in a rapidly changing security sector in large enterprises.
This role will ensure best practice implementation and operations of vulnerability and compliance management solutions, policies and emerging technology to meet and respond to the ever-present threat to our client’s data and infrastructure. You will ensure that all technologies are operationally ready and documented for the operational teams to execute on capabilities.
- Keep abreast of evolving cyber threats and vulnerabilities, as well as recent breaches and the attack vectors
- Interact with customers to gather requirements and ensure implementation of vulnerability and compliance management solutions
- Develop and document best practices for vulnerability and compliance management solutions
- Lead the implementation team across multiple projects to endure the vulnerability and compliance solution is deployed according to best practices
- Responsible for the creation of procedures, implementation of processes and development of staff for vulnerability and compliance management solutions
- Contributor works closely with Senior Engineers in supporting existing systems and initiatives
- Responsible for configuration of current enterprise security log source types into the SIEM
- Analyzes and identifies areas of improvement with existing processes, procedures and documentation
- Demonstrates how to use vulnerability and compliance management solutions products to both technical/non-technical personnel
- Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies
- Use ITIL Service Request, Incident, Risk, Problem, and Change Management principles to optimize and reduce risks within IT systems, particularly as it relates to security
- Design and configure system management tools to provide monitoring and management of vulnerability and compliance management solutions
- 3+ years professional experience maintaining Tenable Nessus systems
- 1-2 years professional experience working with vulnerability and compliance management solutions
- 1+ year professional experience writing Nessus audit files and custom plugins
- Knowledge of web application scanning using Tenable Products
- College degree or equivalent training with experience working in the Cyber Security field
- Information security knowledge in one or more areas such as Enterprise security products
- Understanding of network architecture and implementation is a must; ideal candidate will have worked with network security analysis
- Experience with Tenable Security Center dashboard creation and reporting
- Knowledgeable of Linux and Windows Operating systems (Windows and Linux knowledge required)
- Demonstrated experience architecting, implementing, tuning, and managing the Tenable Security Center
- Preferred experience with Tenable IO
- Basic experience with ITIL processes such as Incident/Problem/Configuration/Change management.
- Basic customer handling skills along with extensive hands on skills in defining and creating operational/procedure documents
- In-depth technical knowledge of vulnerabilities associated with current network, Operating systems and security hardware, software, protocols and Internet standards
- Knowledge applying security principles as it relates to IT Governance, Risk, and Compliance
- Basic understanding of SANS Critical Security Controls (CSC)
- Basic to Moderate knowledge of penetration techniques
- Basic knowledge of Information Technology forensic techniques
- Capable of technical documentation for data flows, system integrations, design documentation, and standard operating procedures
- General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, CEH, Cisco Security, Security +, or other security certifications)
- An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others
- Certified Information Systems Security Professional (CISSP)
- GIAC Systems and Network Auditor (GSNA)
- GIAC Certified Penetration Tester (GPEN)
- Certificate of Proficiency for the corresponding product knowledge of Tenable.io, Nessus, SecurityCenter, SecurityCenter Continuous View
If you wish to apply for this position, please click below to complete our online application form and attach your CV in either Word, rtf or text format.
Atos does not discriminate on the basis of race, religion, colour, sex, age, disability, veteran status or sexual orientation. All recruitment decisions are based solely on qualifications, skills, knowledge and experience and relevant business requirements. We are committed to making reasonable adjustments to the applications process for people with disabilities.