Threat & Vulnerability Management (TVM) Engineer at iManage
***Please note: Due to the ongoing Covid-19 situation, all jobs are currently remote-friendly but we would love to have you in our Chicago office once deemed safe and appropriate to return.***
Being a Threat & Vulnerability Management Engineer at iManage means…
You are excited to join a dedicated, energetic, and fast-growing global team as a TVM Engineer. You will run the day-to-day TVM operations including attack surface management, vulnerability scanning, reporting then lead, track and collaborate on remediation efforts with other teams across the globe.
You will take ownership for producing vulnerability, configuration, and coverage metrics to demonstrate remediation effectiveness and how risk is being reduced in the environment along with producing situation reports for distribution to other teams and senior leadership. This will include ensuring that vulnerability management Service Level Agreements and policies are defined, tracked and met across the enterprise and reported on.
iM responsible for…
- Obtaining product specific knowledge of the firm’s key products and develop an understanding of how the underlying components are structured and how potential vulnerabilities may affect the platform.
- Working with threat intel and analysis tools and vendors to identify, automate, manage and prioritize continually changing threats.
- Performing day-to-day monitoring of private and public cloud, VM and container, vulnerability management systems and scans ensuring accuracy and data integration into the SIEM.
- Deploying, managing, and maintaining all endpoint related TVM systems including asset & service scanning, vulnerability management and EDR.
- Reviewing scans and performing threat analysis of detected vulnerabilities then work with other teams and management to prioritize accordingly.
- Collaborating with asset owners and the business for timely remediation of threats and vulnerabilities.
- Managing attack surface areas and tooling necessary for scanning & analysis and integrating results with Enterprise SIEM reporting and SOC team.
- Customizing reports on assessment findings and summarizing to facilitate remediation tasks for various teams.
- Building and maintaining TVM SLA & KPI tracking tools to ensure team and company compliance.
- Assisting team with shared administration and management tasks.
- Interfacing with infrastructure and other teams throughout the organization with the objective to provide high quality and low friction, security operations services.
- Participating with product & service Agile/Scrum teams.
- Preparing and documenting standard operating procedures.
- Acting as part of the incident response team providing troubleshooting, analysis and forensics when needed.
iM qualified because I have…
- Demonstrable experience understanding security for both private and public cloud environments.
- Experience using one, or more, of the major market-leading vulnerability management solutions such as Rapid 7, Qualys or Tenable.
- Exposure and/or experience using container scanning systems such as Sysdig or Twistlock.
- Hands on management of endpoint solutions from one of the leading suppliers such as CrowdStrike, Carbon Black or TANIUM.
- A firm understanding of, and experience with, DevOps, SRE and SDLC methods, tooling, processes, procedures and the security needs around them.
- Proven knowledge of “Full Stack” cloud development and common cloud architectures.
- Extensive automation experience using Ansible, Puppet, Chef and/or Salt.
- In depth operating system experience including Windows Server, CentOS/RedHat and Debian/Ubuntu.
- A definite understanding of PKI & encryption technology, especially SSL/TLS.
iM getting to…
- Join a supportive, experienced team benefiting from continuous growth within an inclusive, encouraging and vibrant culture
- Onboard remotely and be included in all aspects of iManage life
- Collaborate cross functionally
- Help mentor, lead, and coach junior team members
- Focus on meaningful work, solving complex, real world issues utilizing the latest technologies and protocols
- Own your learning and growth within our career development support framework plus, access a huge range online learning library
- Receive competitive benefits that include; attractive salary based on market data, health/vision/dental/life insurance, 401k matching, performance bonuses, flexible working environment, generous PTO, unlimited sick days and so much more!
iManage combines artificial intelligence with content and email management to free, secure, and understand information. Over 3000 companies and 1 million users worldwide rely on our market-leading software to share and protect their most valuable data. Our work is not always easy but it is ambitious and rewarding.
So we’re looking for people who love a challenge. People who are happiest when they’re solving problems and collaborating with the industry’s best and brightest. In exchange, we’ll make sure the work you do here is worth doing. That’s the iManage way. It’s how we do things that might appear impossible. How we develop our employees’ strengths and unlock their potential. It’s how we find meaning in everything we do.
Whoever you are, whatever you do, however you work. Make it mean something at iManage.
Learn more at: www.imanage.com
Please see our privacy statement for more information on how we handle your personal data: https://imanage.com/privacy-policy/
Mid - Senior