ProvidenceRecruiter Since 2001
the smart solution for Providence jobs

Cyber Defense - Senior Cloud Infrastructure Security Engineer - Vulnerability Management

Company: Citizens
Location: Chepachet
Posted on: January 12, 2022

Job Description:

DescriptionIn this hands on role within the Cyber Defense - Infrastructure Vulnerability Management Team, you will be responsible for performing vulnerability and compliance scanning and analysis to aid Citizens in assessing the vulnerability portfolio and posture of its assets and reducing the attack surface for exploitation.Working closely with business lines and infrastructure teams, you will directly contributes to the effort to identify, track, and remediate the open vulnerabilities (technical Vulnerabilities or build compliance deviations) on systems that store, process, or display Citizens data.-- - This role will be primarily focused on automated vulnerability scanning and remediation in cloud-native infrastructure across several Cloud Service Providers (CSPs) as enabling a DevOps transformation, therefore you must understand technology operations as well as security operations; such as cost-optimization strategies for security tooling in cloud-native architectures.-- - Responsibilities (but not limited to):Automation of vulnerability management activities within a public cloud environment including discovery, reporting, and remediation verificationWorking across development teams within an Agile development environment using standard collaboration tools such as the Atlassian tool suiteHands-on code/script development experience with distributed version control systems such as GitCommunicating security issues to a wide variety of internal and external "customers"-- - to include technical teams, executives, risk groups, vendors and regulatorsMaintaining a deep understanding of current threat, vulnerabilities, attacks, countermeasures and how to respond effectively to them while providing training to the rest of the team on these itemsDeveloping meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on riskImproving the capabilities and maturity of the Citizens Vulnerability Management Program by identifying appropriate technologies, policies, communication channels, organizational structures and relationships with third partiesQualificationsExperience and Skills:3 years of progressive security industry experience, particularly within CSP environmentsCoding and/or scripting experience in Python, JavaScript (any framework), Java, or similar modern languagePossess strong technical security skills and comprehension of security and riskKnowledge of Cloud (AWS, Azure, etc.) and how to secure resource in these environmentsBasic Knowledge of Containers and Container Orchestration solutions a plusExpert understanding of various operating systems (Window, UNIX, Linux, AIX, etc.) with an emphasis on vulnerability assessment and hardening.-- - Subject matter expertise in at least one of the operating systems is requiredKnowledge of configuration management, change control/problem management, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)Knowledge of networking fundamentals (all OSI layers); Certification such as Network+ a plusKnowledge and experience required in the areas of security assessment and vulnerability scanning, risk-based threat analysis, and security mitigation techniques Proficiency with the Microsoft Office suite, especially ExcelExperience with QualysGuard Vulnerability Scanner including its API, Vulnerability Management (VM), Policy Compliance (PC), Cloud View, AssetView, Cloud Agent, and other modulesDemonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, Kali, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider, ZAP Proxy, IronWASPSolid understanding of CVSS, CVE, CWE, CPE, CCE, CWE, OVAL, SCAP and other standardsAbility to present technical concepts to non-technical audiences with demonstrated excellent oral and written communications skillsPreferred Education and Certifications:One or more relevant security certifications (LPT, OSCP, GWAPT, GWEB, GCIA, GSNA, GCIH, CISSP, CISM, CISA, CEH, GIAC, GPEN, GCED, Security +)One or more cloud provider certifications: (Preferred) AWS Certified Solutions Architect, SysOps administrator, DevOps Engineer, or Security SpecialtyAzure Security EngineerBachelor's Degree or equivalent combination of experience Hours & Work ScheduleHours per Week: 40Work Schedule: Monday through FridayThis position is not available in Colorado#LI-Sourcer1-- -Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityCitizens, its parent, subsidiaries, and related companies provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability or perceived disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.

Keywords: Citizens, Providence , Cyber Defense - Senior Cloud Infrastructure Security Engineer - Vulnerability Management, Engineering , Chepachet, Rhode Island

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Rhode Island jobs by following @recnetRI on Twitter!

Providence RSS job feeds