Vulnerability Management Engineer (Contract) – Los Angeles, CA

Our large public sector client in Los Angeles is looking to obtain the services of two Consultants to implement and configure best practice for their vulnerability management program.  The Consultants will work on scanning, classifying, prioritizing, tracking, and reporting remediation for the Client’s servers, workstation, printers, Internet of service devices, and network’s routers, switches and appliances.

Description of Duties

  • Implement, configure, customize and support Tenable vulnerability management platform for all Departments, network and multi-cloud environment.
  • Oversee and prioritize actions and coordinates remediation of security gaps, protect technology, infrastructure, information assets and business operations.
  • Lead and document processes and procedures to support compliance regulations and security control requirements. Identify new or enhanced security procedural guidelines; document and communicates those to appropriate stakeholders.
  • Lead, design, implement, configurate and maintain Tenable and application vulnerability scanning solution to evaluate application vulnerabilities; perform technical analysis and validation to ensure that mitigation, and other remediation of security vulnerabilities have been performed.
  • Create and maintain dashboard for technology teams within each department.
  • Provide process recommendations for the vulnerability management process. Lead processes and procedures to support scanning vulnerability management workflow to include identification, classification, evaluation and remediation of security vulnerabilities.
  • Perform risk-assessment and impact analysis, reports vulnerability assessments and scanned results in a consistent, standardized manner based upon criticality and risk. Recommend remediation implementation and ensure system security as described in the policies and procedures.
  • Perform false positive analysis, remediation advice and vulnerability tracking through ticketing systems.
  • Conduct scheduled and ad hoc application and system scans, research and analyze vulnerabilities, identify relevant threats, corrective action recommendations, summarize and communicate findings effectively.
  • Ensure data flows are maintained between internal tools and enterprise wide reporting dashboard.
  • Develop and manage scanning/profiling tools and automated tasks.
  • Provide technical feedback on proposed solutions to identified vulnerabilities.
  • Analyze penetration test results and engage with technology partners and business units to resolve identified vulnerabilities.
  • Recommend approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes.
  • Monitor team mailbox and ticketing system to ensure proper steps are taken for all identified vulnerabilities and support of the security operations center (SOC).
  • Understand asset criticality and the identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected.
  • Utilize best practices and determine best remediation path.
  • Track weekly progress by each unit and assess overall risk of vulnerabilities.
  • Explain the new details of new vulnerability management platform and their impact on business processes.
  • Ensure that the customer understands the solution and receives responses to all open questions and action items.
  • Prepare related documents and specifications.
  • Assist with audits of assets data to ensure that the data is accurate and complete.
  • Respond to user support requests, diagnose and provide solutions to technical issues.
  • ·Work closely with Security Incident Response Team to help improve the team’s abilities in Detection, Prevention and Response capabilities.
  • Write custom scripts to automate processes as needed.
  • Collaborate with project team members to meet timelines and goals.
  • Contribute to project documentation and diagrams including quality assurance and ticket and bug management.
  • Perform knowledge transfer to coworkers within the section.
  • Deliver presentations and provide progress updates to managers and staff.
  • Provide after-hours support as needed.

Minimum Requirements

  1. Two (2) years of experience within the last four (4) years in cyber security performing vulnerability management solution and remediation tracking in production environment across the enterprise.
  2. Two (2) years of experience within the last four (4) years performing vulnerability scanning using one of the solutions: Qualys, Rapid7 or Tenable.
  3. Two (2) years of experience within the last four (4) years performing all of the following:
    • Security standards and fundamentals such as OWASP Top 10, CVSS, CVE.
    • Security knowledge on current threats, trends, and mitigations.
    • Penetration testing and remediation.
  4. Two (2) years of experience within the last four (4) years performing all the following:
    • Patch management for devices/applications/databases/operating systems.
    • Planning, designing, implementing, optimizing, and operating security solutions.
    • Operating Systems (Windows, RedHat etc.) and Database vulnerability management.
  5. Five (5) years of experience in an Information Technology focused role with the last two (2) years in information security.
  6. Must have one of the following: CISSP, ITIL, PenTest Certification, OWASP Certification, Tenable, Nessus, Qualys, Rapid 7, Certified Vulnerability Assessor. Proof of certification must be submitted with resume.