Cyber Security Engineer - Threat and Vulnerability Management

Staples   •  

Westminster, CO

Industry: Retail & Consumer Goods


5 - 7 years

Posted 24 days ago


The security engineer has responsibility for (1) ensuring the operation of vulnerability scanning tools, (2) reporting on security vulnerabilities to system owners and leadership, and (3) working with owners to successfully remediate identified security vulnerabilities.


Responsibilities Specific to Role:

  • Maintain vulnerability scanning tools Identify security vulnerability owners and generate actionable reports
  • Work with infrastructure and application teams to provide remediation guidance
  • Collaborate with internal partners to enhance remediation processes
  • Automate vulnerability scanning operations
  • Develop metrics and dashboards for reporting on environment risk and remediation progress to various levels of management
  • Work with compliance team to ensure relevant PCI requirements are met
  • Integrate security tools with SDLC, CICD, and SOC
  • Identify and troubleshoot vulnerability scanning issues
  • Test identified vulnerabilities for false positives


Knowledge/Skill Requirements:

  • Bachelor’s degree in Computer Science, Information Assurance, or similar work experience
  • 5 years IT/development experience
  • 1+ year IT security experience
  • Experience with vulnerability scanning tools such as Qualys, Rapid7, or Nessus
  • Ability to translate technical risk to business risk
  • Passion for keeping up with current security threats
  • Strong problem-solving skills

Preferred Skills:

  • Penetration testing experience (familiar with Metasploit, Burp, common tools in Kali Linux)
  • Common knowledge of application security
  • ServiceNow development experience
  • Understands and clearly communicates security best practices
  • Comfortable working with large data sets
  • Understands weaknesses of vulnerability scanning tools and has ability to leverage/develop tools to address weaknesses

number: 1064009