Jo1621

Company Background:

Our client is a global leader providing online education, assessment, remediation, certification, and e-learning solutions for the post-secondary academic market specifically serving the nursing, allied health, sports medicine, public safety, and financial services industries. The company employs more than 900 employees in 35 states. Our client portfolio companies consist of Jones and Bartlett Learning, ATI Nursing Education, the National Healthcare Association, ExamFX, the National Academy of Sports Medicine, Boston Reed, Advanced Informatics, and ClickSafety. 

 The Senior Security Engineer will contribute to protecting the company from threats and vulnerabilities through identification, validation, remediation tracking, and communication processes. In this critical role the Information Security team will provide technical security expertise in vulnerability management, threat management and other security domains. The ideal candidate will possess a thorough understanding of current and emerging attack techniques, vulnerability management platforms, container architecture and security best practices and is able to offer and develop solutions.

Responsibilities:

• Administers vulnerability platforms and processes to ensure all program functions are effective in identifying threats and vulnerabilities that could impact our operations, data, and systems.
• Accountable for managing critical vulnerability processes and producing reports within defined SLAs.
• Provides technology security expertise and recommendations on vulnerability topics.
• Research and analyze known system exploits and vulnerabilities to support methodology development and execution.
• Collaborates across Information Security organizations, other technology teams, and third-party vendors to ensure information is being shared, and processes and defenses are updated accordingly.
•  Ensures appropriate operations documentation is maintained and procedures are validated on an ongoing basis.
•  Platform maintenance or security incident support may be required after-hours.

Education and Experience:

• Applicants should possess 7+ years of demonstrated experience in cybersecurity, network engineering, and/or infrastructure engineering. 5 of the years must include hands on experience in one or many of the following areas – threat intelligence, server vulnerability management and container vulnerability management.
•  3+ years’ experience administering cloud container vulnerability solutions like Aqua or Wix is required. Candidates without this experience will not be considered.
•  3+ years working with container technologies and container vulnerabilities is required.
• Candidates without this experience will not be considered.
•  Experience with scanning solutions such as Rapid7, Qualys, or Tenable scanning is desired.
•  Understanding of MITRE ATT&CK and OWASP frameworks is desired.
•  Understanding of malware and common attack types is desired.

Skills and abilities:

• Proactive attitude towards anticipating problems, implementing solutions, and accomplishing goals.
• Ability to work under pressure and apply critical thinking skills to meet project deadlines or operational SLAs.
• Proven ability to communicate risks, solutions, and recommendations to complex problems to different audiences.
• Self-starter and ability to quickly shift priorities.
• Excellent interpersonal skills as well as strong verbal and written communication skills.
• Willingness to perform various roles when required to achieve results.