The Engineer profile is a key role in the Security Testing Services Team. It involves managing and executing security testing projects, ensuring a high level of quality in service delivery, and developing solutions to improve the efficiency of the testing.
Specific Duties and Responsibilities Include:
•Conduct Vulnerability Scanning using Tenable Security Center and Nessus
•Conduct Policy Compliance Scan of various platforms using Nessus
•Work with Tenable support to resolve issues with vulnerability scanning
•Validate false positives and recommend appropriate solutions to fix the vulnerabilities
•Initiate & manage scan and publish results, track for remediation of vulnerabilities
Required Candidate profile
Must have skills:
•Expertise in performing Vulnerability Scanning using Tenable Security Center and Nessus
•Expertise in performing Configuration Review of multiple platforms such as OS and Network Devices both using tools and manual approaches
•Expertise in manually analyzing vulnerabilities to remove false positives
•Expertise in determining impact and ease of exploitability of vulnerabilities
•Ability to provide alternative solutions or workarounds
•Flexible and creative in helping to find acceptable solutions for customers
•Good communication and writing skills with the ability to talk to both business and technical teams
Good to have Skills:
•Security certifications such as CEH, OSCP, etc.
•Ability to work independently with minimal oversight and in collaboration with teams
•Knowledge of vulnerabilities and their impact to the systems/applications and client environments
•Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc.
Graduate or higher