Staff Infosec Engineer

About the Role

What You'll Do

• Conduct regular vulnerability assessments and scans to identify security weaknesses in systems, applications, and networks 

• Continuously monitor systems for new vulnerabilities and emerging threats, and generate detailed reports on vulnerability status, trends, and remediation progress 

• Experience in Risk based Vulnerability Prioritization and remediation 

• Develop and implement remediation plans to address identified vulnerabilities, collaborating with IT and development teams to ensure timely resolution 

• Ensure compliance with industry standards and regulatory requirements related to vulnerability management, and develop and maintain vulnerability management policies, procedures, and best practices 

• Supports Compliance & Risk Management activities related to Vulnerability Management Program 

• Assess the potential impact of vulnerabilities on business operations and prioritize remediation efforts accordingly, providing recommendations for risk mitigation and security improvements 

• Monitor Organization Network for any potential Zero Day Vulnerabilities/Exploits 

• Ensure Rapid Response processes are rehearsed & kept up to date to handle any Zero Day Vulnerabilities or real time attacks 

• Maintain strong partnerships with people to drive end to end Vulnerability Management program 

• Educate the partnering teams on vulnerability management processes and security best practices, and stay updated on the latest security trends, tools, and technologies 

• Assist in the investigation and response to security incidents related to vulnerabilities, coordinating with incident response teams to mitigate the impact of security breaches 

• Publish periodic Vulnerability Management bulletin to InfoSec Leadership 

Who You Are

• Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience 

• 10+ years of experience in vulnerability management, cybersecurity, or a related field 

• Proficiency in vulnerability assessment tools and experience with security frameworks and standards (e.g., NIST, ISO 27001) 

• Proven understanding of Common Vulnerability Frameworks (CVE, CVSS, OWASP Top 10) 

• Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions 

• Excellent written and verbal communication skills, with the ability to convey technical information to non-technical stakeholders 

• Proven ability to lead and mentor teams, and to work collaboratively with cross-functional team 

Competencies: 

• Leads with a Growth Mindset. 

• Cultivates a Trusting Environment.  

• Drives what Matters.  

• Works with a 'One Team' Approach.