ImagineX is a rapidly growing technology consulting firm with an obsession for consistently delivering excellence to clients while always remaining passionate for what we do. At IX, we understand that happy consultants make happy clients, so nothing is more important to us than a strong culture, solid leadership, collaboration, open communication, and supporting our people each and every day.
We are on the hunt for a full-time Senior Vulnerability Management Engineer with solid experience working in professional services. You’ll enjoy working with a sharp, energetic & fun group of consultants. No big egos allowed! We offer flexible work hours (100% remote forever), exciting projects (you’ll never get bored working on the same engagements), and the opportunity to work with a variety of bleeding edge technologies. Be a leader, have a voice, and make an impact at ImagineX Consulting!
Requirements:
- 2-4 years hands-on experience with an Enterprise Vulnerability Management platform (Qualys highly preferred) performing scanning, report generation, and data analysis.
- Expertise with at least one vulnerability management tools such as Qualys, Tenable, and/or Rapid7
- Experience/familiarity with vulnerability remediation processes, including prioritization, change management, analysis, and triage
- Understanding of networking technologies and concepts (routing, switching, network segmentation, etc.)
- Ability to perform information systems security vulnerability scanning to discover and analyze vulnerabilities and characterize risk to networks, operating systems, applications, database, and other information system components
- Ability to perform compliance scanning to analyze configuration and facilitate implementation of configuration hardening settings on networks , operating systems, applications, database, and other information system components
- Ability to navigate multiple tools to recommend appropriate remedial actions to mitigate risks and ensure information systems employ appropriate level of information security controls
- Ability to validate remediation actions and ensure compliance with information security policy and regulatory requirements
- Familiarity with AWS or Azure cloud administration.
- Automation or scripting experience and/or ability to integrate tools
Bonus skills:
- Incident monitoring and investigation as it relates to vulnerability scan data
- Ability to assess Threat Intelligence to review vulnerabilities and risk rank exposures
- Familiarity and experience with endpoint tools like Tanium and CrowdStrike
- Familiarity with Container technologies
- Consulting Experience
