Security Engineer TVM
1251 Avenue of the Americas New York, NY 10017 US
We are hiring an Security Engineer with deep Threat Vulnerability Managment (TVM) experience for a long term contract consultancy working hybrid on-site 1-2 days per week in midtown Manhattan.
In a very hands-on capacity you will responsible for the support and administration of several core network security tools... interesting projects, very professional and high-end environment. There is the possibility of converting to full-time after 6-9 months. You will assist in the management of the company wide TVM program and also perform targeted risk assessments
In summary you will be responsible for the implementation, engineering, and management of security initiatives related to the end-point devices, evaluation and adoption of new systems.
TVM work will include:
- Meet regularly with the various SME’s to ensure vulnerabilities are patched in accordance with the Threat and Vulnerability Management procedures
- Escalate aged vulnerabilities
- Provide technical guidance to owners to document a Risk Acceptance for aged vulnerabilities
- Assist with effort to automate the TVM process
- Prepare monthly TVM RAS metrics
- Prepare reports for aged vulnerabilities
- Improve the TVM program to work more effectively and efficiently
Targeted risk assessment work will include:
- Evaluate applications and/or hardware assets to be assessed based on the inherent risk rating as well as other external factors
- Plan and document the scope of the assessment
- Inform the asset owner of the assessment in advance
- Document the results of the assessments, including Observations and/or MSII’s
- Report the results of the assessments
- Maintain/revise the Targeted Risk Assessment Procedure and improve the document
- Hands-on experience focused on managing Vulnerability Management solutions, including knowledge of Tenable/Nessus vulnerability scanning tools
- Endpoint management and best practices.
- Good Project Management skills
- Palo Alto Firewall administration, network security, operations and management best practices.
- Basic network design and infrastructure
- Active Directory and Group Policy.
- Knowledge of enterprise patching / software rollouts is a must and IBM BigFix experience is preferred.
- Tenable training and CISSP strongly preferred.
- Completed Bachelor’s degree with Computer Science or related (math, engineering,...) course of study
security AND vulnerability AND scanning AND monitor AND cyber
"Palo Alto" AND Cisco AND (firesight OR firewpower) AND firewall AND "client VPN" AND "Multi-Factor Authentication" AND "IP space administration" AND ("Next-generation" OR "NGFW") AND "Network Access Control" AND Cisco ISE"
3+ years of work experience supporting enterprise security solutions including experience with next generation firewalls such as Palo Alto and Cisco FireSIGHT/FirePOWER
Must have in-depth knowledge of network security best practices and various tools (Cisco VPN, Palo Alto VPN, Cisco ACS, Cisco ISE, NGFW, Solarwinds, IP Management tools, WireShark,...).