| 100% Remote: Multiple Security Engineer Roles - Only GC, USC Needed at Remote, Remote, USA |
| Email: [email protected] |
| From: Prashant Yadav, Itecs [email protected] Reply to: [email protected] Role: 1 Position: Senior Security Engineer Location: Fully Remote Duration : Long Term Visa type: Only Green Card, Citizens Primary Job Duties & Responsibilities: Develop and maintain remediation specific KPI and KRI Produce interactive dashboards using PowerBI to drive engagement and remediation Produce exportable reports to be used for engagement and tracking and reporting to leadership Work closely with application development teams and security delivery leads to drive application risk remediation in conformance with security policy SLAs Engage teams for the remediation of vulnerabilities sourced from Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning Support remediation efforts for identified vulnerabilities, ensuring they are addressed in a timely and effective manner Provide guidance and support to development teams on secure coding practices Routinely communicate and report risk information to application teams, leaders, and organizational points of contact Remain current with the latest security trends, vulnerabilities, and mitigation techniques Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Triage and support service request tickets Update security procedures and processes to align with program requirements Participate in office hours to provide remediation guidance and support Required Qualifications: 3+ years of experience with cyber security and secure development practices 2+ year of experience creating interactive dashboards using PowerBI 1+ year experience using Python or similar interpreted languages to extract data via APIs to support reporting 1+ year of experience with modern Software Development Lifecycles and CI/CD practices Proficiency with common application security vulnerabilities (OWASP Top 10 and SANS 25) Proficiency tracking data across multiple workstreams Solid interpersonal skills to adapt personal communication styles to the style of others Customer-focused mindset with a strong desire to provide excellent customer experiences Requires minimal direction, works well independently and is a resource of wealth of information for others and provides technical guidance for other team members Comfort with collaborating and refining processes as part of a team. Preferred Qualifications: Familiarity with NIST 800-218 Secure Software Development Framework Familiarity with OWASP Application Security Verification Standard Education: Bachelor's degree or equivalent experience Role: 2 Position: Staff Security Engineer (Vulnerability Management) Location: Fully Remote Duration : Long Term Visa type: Green Card, Citizens Core Responsibilities : Support the Enterprise Qualys Vulnerability footprint and participate in Qualys integration across all Enterprise lines of business. Continually looking for opportunities to optimize and automate work and the work conducted by team. Maintain, where appropriate, vendor relationships in support of Vulnerability Management practices Communicate with clients to understand their security needs and develop engagement plans to satisfy all requirements. Support migration efforts for ticketing capabilities as part of integration to streamline and optimize support requests. Work with the team to support respective Qualys subscriptions for the lines of business and educate the POCs to support both on-prem and Cloud vulnerability initiatives. Collaborate with peer Security teams in advancement of Vulnerability Management practices for the Enterprise. Support Asset Management program maturity through Qualys expertise and Cloud activities Collaborate with other employees in order to build the company's overall capabilities, specific to the Qualys and Cloud areas. Identify and deliver automated solutions to improve efficacies in the vulnerability Management Scanning program. Support Audits and Assessments and other key requests of Vulnerability Management Required Qualifications : 7+ years of related experience required A deep understanding of the cybersecurity vendor landscape and how tools and technologies can be leveraged to achieve desired outcomes. Expertise in Web Application Scanning / DAST Scanning Expertise in interpreted languages (Python, Ansible) and high-level languages (Java script, .Net, PowerShell) with full-stack development experience Expertise with vulnerability management Expertise with working with SQL Software development background and strong knowledge of software development lifecycles Automation experience Previous experience deploying and maintaining configuration as code systems, services, containers and applications in AWS, Azure and/or GCP Preferred Qualifications : 3+ years of cloud experience (Oracle, GCP, Azure or AWS) Experience with infrastructure, network and workstation vulnerability management scanning Experience with Qualys VMDR, Qualys Web Application Scanning, EASM and the Qualys Cloud Agent In-depth familiarity with Windows and Unix Operating Systems Customer-focused mindset with a strong desire to provide excellent customer experiences. Requires minimal direction, works well independently and is a resource of wealth of information for others and provides technical guidance for other team members Ability to translate strategic business objectives into operational initiatives and tactical actions Understanding of current information security challenges and solutions Comfort with collaborating and refining processes as part of a team. Education : Bachelor's degree from accredited university or equivalent experience (high school diploma + 4 years relevant experience) Role: 3 Position: Security Engineer Location: Fully Remote Duration : Long Term Visa type: Green Card, Citizens Primary Job Duties & Responsibilities: Work closely with application development teams and security delivery leads to drive application risk remediation in conformance with security policy SLAs Engage teams for the remediation of vulnerabilities sourced from Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning Drive remediation efforts for identified vulnerabilities, ensuring they are addressed in a timely and effective manner Provide guidance and support to development teams on secure coding practices Routinely communicate and report risk information to application teams, leaders, and organizational points of contact Remain current with the latest security trends, vulnerabilities, and mitigation techniques Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Triage and support service request tickets Update security procedures and processes to align with program requirements Lead office hours to provide remediation guidance and support Required Qualifications: 5+ years of experience with cyber security and secure development practices 3+ year of experience with modern Software Development Lifecycles and CI/CD practices Proficiency with common application security vulnerabilities (OWASP Top 10 and SANS 25) Proficiency tracking data across multiple workstreams Solid interpersonal skills to adapt personal communication styles to the style of others Customer-focused mindset with a strong desire to provide excellent customer experiences Requires minimal direction, works well independently and is a resource of wealth of information for others and provides technical guidance for other team members Comfort with collaborating and refining processes as part of a team. Preferred Qualifications: Familiarity with NIST 800-218 Secure Software Development Framework Familiarity with OWASP Application Security Verification Standard Education: Bachelor's degree or equivalent experience E-Mail Is The Best Way To Reach Me . Thanks N' Regards, Prashant Yadav IT & EBusiness Consulting Services Inc Fax: 866 977 7575 [email protected] https://itecsus.com/ https://www.linkedin.com/in/yadav-itecs-b9551822b/ Note: HEADPHONES, AIRPODS, EARPODS etc, will not be allowed during interview, kindly attend the interview using Laptop's microphone only. Keywords: continuous integration continuous deployment information technology 100% Remote: Multiple Security Engineer Roles - Only GC, USC Needed [email protected] |
| [email protected] View all |
| Tue Jul 09 21:25:00 UTC 2024 |