What does a successful Senior Vulnerability Management Engineer do?
You will work in conjunction with the Cybersecurity Organization, technology teams, and infrastructure owners on vulnerability scans, analysis, and reporting to support the Vulnerability Management program across Fiserv globally. You should be able to travel domestically and/or internationally and provide off hours on-call support for issues requiring escalation. This position requires that the candidate be a US Citizen or a permanent resident.
What you will do:
- Deploy and maintain vulnerability management technology used to identify and mitigate vulnerabilities and security issues
- Validate and triage identified vulnerabilities
- Contribute to developing and operating the vulnerability life cycle processes, detection, analysis, prioritization, and reporting
- Partner with Cyber Threat Intelligence, the Cybersecurity Incident Response team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect and remediate vulnerabilities
- Analyze vulnerability and related data in support of creating vulnerability prioritization, developing metrics, and risk identification
- Analyze data to measure and improve scan coverage
- Participate in cybersecurity incident response efforts as needed
What you will need to have:
- 3+ years’ experience working with vulnerability management tools; Tenable.sc/Security Center, Tenable.io/Tenable Vulnerability Management, Tenable Nessus, and ACAS
- 3+ years’ experience with current automated and human-driven approaches to vulnerability identification management
- 2+ years’ experience with CMDB/Ticketing platforms (e.g., ServiceNow)
- 2+ years’ experience and demonstrated success in technology roles with emphasis on vulnerability management, information security and a strong technical background
- 1+ years’ experience in cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk
- 1+ years’ experience in network protocols/enterprise architecture and with controls or frameworks such as NIST 800-53, NIST CSF, MITRE ATT&CK
- Must meet requirements to obtain & maintain 2C & 6C GOVT Clearance / Certifications
- Bachelor’s degree in computer science, IT security, or a related field, or an equivalent combination of education, work, and military experience
What would be great to have:
- Industry security certifications are desirable
- Scripting, automation, and database experience are desirable
#LI-RM1
R-10334728
