Responsibilities
Lead Information Security Engineer
Are you a motivated and knowledgeable Info Security Engineer searching for an opening to shine in a vibrant and inventive workplace? At Principal, we want a Lead Info Security Engineer to serve a vital function on our Network Vulnerability Management team. This is your chance to support our outstanding security initiatives and make a notable contribution!
Key Responsibilities
Handling Zero-Day Vulnerabilities and Overseeing Attack Surface Management
- Stay updated on cyber threat advisories for publicly disclosed vulnerabilities in core IT infrastructure, vendor software, and hardware products.
- Develop mitigation and remediation orders to address vulnerabilities.
- Apply Attack Surface Management tools, such as Security Scorecard, to maintain the company's security risk posture.
Network Vulnerability Oversight in Cloud Environment / Assets
- Possess an AWS Cloud Practitioner certification; AWS Cloud Security Specialty certification is a plus.
- Have a detailed understanding of AWS cloud compute services, such as EC2, Containers, and Lambda.
- Evaluate remediation priorities for vulnerabilities identified by enterprise vulnerability management tools.
- Analyze vulnerabilities and provide remediation recommendations to collaborators.
- Work independently with collaborators to meet organizational compliance requirements.
- Set up, configure, manage, and use Vulnerability Management tools (e.g., Prisma, Wiz, or equivalent experience) to scan cloud workloads, with a preference for Wiz.
- Carry out special security projects, such as setting up scanning for new asset categories in the AWS cloud.
Network Vulnerability Oversight for On-premises Assets
- Evaluate remediation priorities for vulnerabilities identified by enterprise vulnerability management tools.
- Analyze vulnerabilities and provide remediation recommendations to collaborators.
- Work independently with collaborators to meet organizational compliance requirements.
- Deploy, adjust, and maintain Vulnerability Management tools (e.g., Qualys, Nessus, Nexpose, Insight VM), favoring Nexpose and Insight VM.
- Carry out special security projects, such as Blind Spots Assessment and setting up scanning of new asset categories in the on-prem network.
Other Activities of Vulnerability Management Ops
- Build and maintain process documentation related to Vulnerability Management as per business requirements.
- Identify and handle false positive vulnerabilities reported by tools.
- Assist collaborators with exception processing for vulnerabilities that cannot be remediated.
- Use the Archer tool for managing security vulnerabilities end-to-end, from reporting to closure with remediation/exception.
- Understand Vulnerability Scoring Systems like CVSS.
Qualifications
- 6-8 years of practical experience in the network vulnerability management area.
- Proficiency in using the Kali Linux toolkit for conducting penetration testing.
- Knowledge of TCP/IP networking and packet analysis.
Additional Information
Scripting and Automation Experience
- Practical experience in scripting languages such as PowerShell or Python.
- Analytical ability to identify automation opportunities in Vulnerability Management operational processes.
- Develop automation to increase the efficiency and productivity of the team.