Vulnerability Management Engineer
- You will implement and direct processes across the vulnerability management lifecycle, including Discovery, Prioritization of Assets, Vulnerability Assessment, Reporting, Remediation, and Verification.
- You will assist with developing team objectives to resolve risk and identify new areas of exposure.
- You will validate and help remediate critical findings resulting from audit processes.
- You will collaborate with Threat Intelligence groups to overlay observations from the global threat landscape with patching and remediation strategy.
- You will review opportunities to reduce the risk surface of Relativity
- You will build scripts, tools, and methodologies to conduct penetration testing.
- You will research emerging threats and apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of exploits.
- Exposure in the following domains: port scanning, client-side and back-end vulnerabilities, and evasion techniques.
- Experience with vulnerability management and offensive security tools, including SecurityCenter/Nessus, Splunk, Burp Suite, and Metasploit.
- Familiarity with the security, common flaws, and threat profile of SaaS-based applications.
- Ability to identify adversary tactics, techniques, and procedures (TTPs), targeting, malware development and implementation.
- One or more of the following certifications: OSCP, CEH, GPEN, CISSP is a plus
- Capacity to provide both high-level and technical briefings on vulnerabilities
- 1-3 years experience in vulnerability management, security engineering, or a related discipline or equivalent experience