226 to 250 of 479 Permanent Vulnerability Management Jobs

Incident Response team, coordinating with other Cyber Operations teams to identify, report, and remediate security incidents, including triaging events, analyzing networks and endpoints, reverse engineering malware, threat hunting, and vulnerability management. You will develop and implement SOPs, playbooks, and processes to streamline monitoring and investigations, supporting GCS's cybersecurity operations and incident response programs. The ideal candidate should demonstrate … incident response plans Conduct trend analysis and develop defense signatures Desired Skills: Certifications such as GIAC, GCIH, GCIA, ITIL Familiarity with NIST frameworks, Cyber Kill Chain Experience with case management, SOAR, SIEM, EDR tools Experience with multinational organizations and automation scripting (Python) Qualifications: Bachelor's degree or equivalent in Computer Science, Cybersecurity, or related fields Additional Information: At McDonald More ❯

Senior Vulnerability Management consultant sought by leading investment bank based in London. Inside IR35 - Hybrid working Daily responsibilities: Provide vulnerability management expertise involving infrastructure, cloud and enterprise applications. Primary contact for the companies vulnerability management involving processes, reporting, enhancements, compliance and interacting with business stakeholders. Operationalize weekly vulnerability status reports for senior leadership … including UK CISO on company vulnerability management KPIs/KRIs Preparation of vulnerability management process and procedure documentation Provide consulting services to the vulnerability management team to assist in their security design to identify potential risks Review the security issues and recommend the appropriate controls to mitigate these risks Provide security awareness to clients … Provide support to other consultants through mentoring and peer reviews of work products as required Provide ad hoc consulting services to the general user community Essential: Experience working with vulnerability management tools and data such as Tenable, Qualys, Rapid 7, Microsoft Defender, Aqua, Palo Alto Xpanse. Jira to manage project work, timelines and operational tickets. 5+years of relevant More ❯

person. In Technology, we're asking that you attend the office a minimum of 1 day per week. About the Role We are seeking a highly motivated and experienced Vulnerability Management Engineer to join our Cyber Security team. As a Vulnerability Management Engineer, your primary responsibility will be to manage existing vulnerability management-specific … tooling, and have an active role in improving existing processes. You will achieve this by creating automated solutions through collaboration with various technical teams. Responsibilities Develop and maintain vulnerability management tooling and solutions Implement automation to remove manual processes and increase efficiency Work with internal remediators to prioritise vulnerability management activities Process vulnerability data to … provide reports, insights and metrics, that aid in the risk-based approach to vulnerability management. Develop integrations for internal and external tools to capture data relevant to the vulnerability remediation process (e.g. by interacting with APIs) Ensure compliance with relevant security standards, frameworks, and regulations Stay up to date with the latest trends and developments in vulnerability More ❯

Trust in digital transactions and financial technologies is crucial for the smooth functioning of modern society. Neelam Kadbane, our next pathbreaker, Senior Vulnerability Analyst at Mastercard, identifies and addresses security vulnerabilities within Mastercard's environment & products by conducting network penetration tests. Neelam talks to Shyam Krishnamurthy fromThe Interview Portal about the innumerable challenges and the satisfacation of her work … . It was a significant achievement for me, especially since it's rare for companies to hire freshers directly into the InfoSec domain. At Qualys, I worked with the Vulnerability Management team, where we researched new CVEs and zero-day vulnerabilities, and developed signatures for vulnerability scanners. A zero-day vulnerability is a security flaw in … software or hardware that is unknown to the vendor or developer. Since the vendor is unaware of the vulnerability, no patch or fix is available, making it highly dangerous. The term "zero-day" comes from the fact that once the vulnerability is discovered by malicious actors, the vendor has zero days to fix it before it can be More ❯

industry. We have an exciting opportunity to support the Air Force Enterprise IT as a Service (EITaaS) Wave 1, specifically advancing the solution for bringing the EITaaS IT Service Management offerings to SIPR. We are currently seeking a Nessus Administrator for an onsite position in Chantilly, VA. We are seeking a skilled Nessus Administrator to manage, configure, and optimize … our Nessus vulnerability scanning and assessment platform. The Nessus Administrator will be responsible for ensuring that Nessus is effectively integrated into the organization's vulnerability management processes, running regular scans, troubleshooting issues, and providing detailed reports. This role is pivotal in helping maintain the security posture of our network infrastructure by identifying, assessing, and remediating vulnerabilities. Minimum … of 10+ years' experience managing vulnerability scanning tools, with a focus on Nessus. DoD 8140 compliance, CompTIA Security + or higher Must have Active Secret Clearance Proven experience administering and configuring Nessus servers, scanners, and plugins Experience working with large-scale environments, conducting network vulnerability assessments, and remediating findings. Strong understanding of vulnerability management, risk assessment More ❯

with a cloud background (AWS, Azure or GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance … and security management (endpoint protection, cloud, SIEM etc). There is an opportunity to build out a cyber security team in the future with this role Skills & Experience Required: 3+ years of experience working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with … headquarters. You will be working in a vibrant office with some of most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCI DSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and More ❯

with a cloud background (AWS, Azure or GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance … and security management (endpoint protection, cloud, SIEM etc). There is an opportunity to build out a cyber security team in the future with this role Skills & Experience Required: 3+ years of experience working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with … headquarters. You will be working in a vibrant office with some of most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCI DSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and More ❯

Prime. TS/SCI clearance required. Key Responsibilities: A&A Support: Develop, update, and accomplish eMASS entries and updates, staff A&A packages in compliance with DoDI 8510.01 Risk Management Framework. System Certification & Policies: Review and maintain enterprise mission systems certification policies, procedures, and reports. Compliance & Security: Register systems in ITIPS (formerly EITDR), ensuring compliance with FISMA; review and … validate security controls. Vulnerability Management: Monitor and maintain the Vulnerability Management System; close out network scan findings and report vulnerabilities. Test & Evaluation: Conduct and document Security Test and Evaluation (ST&E), physical security penetration tests, and assess the impact of new systems on security posture. Coordination & Reporting: Coordinate A&A schedules, report on system status, and … Security+ or equivalent DOD 8570/8140 IAT/IAM certification. Experience working with eMASS. Active TS/SCI security clearance (with current investigation).Preferred Requirements: Familiarity with Risk Management Framework protocols. Familiarity with USSF A&A procedures. Certified Information Systems Security Professional (CISSP) or equivalent (SANS GIAC). Advanced proficiency in Microsoft Word, Excel, PowerPoint, and Outlook. Strong More ❯

Program Description: The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application … IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support. Position Description: The Cyber Data Science Engineer provides support to the customer in the area of Cyber Security. Daily Tasks include, but are not limited to: Utilize analytical, statistical, and programming skills to collect, analyze, and interpret large cybersecurity data sets Develop … data-driven solutions Analyze data sets found in the customer's vulnerability scanning, auditing, authorization, and configuration management tools Import, transform, analyze, and visualize data and report actionable insights to the customer (e.g., Tableau) Provide analysis and graphical presentations of collected metrics for IA compliance status reporting Support and evolve legacy visualization and situational awareness tools based on More ❯

manage and maintain key cybersecurity tools such as Tenable Nessus and Trellix ePO (HBSS/ESS) across Windows and Red Hat Linux environments. Responsibilities include applying DISA STIGs, conducting vulnerability assessments, implementing system hardening measures, and supporting the Risk Management Framework (RMF) process. The ideal candidate has experience with tool administration, system architecture, Tier 3 troubleshooting, and security … documentation. A strong understanding of IA integration and secure systems engineering is essential. Tasks Performed: • Security Tool Infrastructure Management: o Monitor backend infrastructure, deployment, patching, tuning, and overall health of security tools, including Tenable Nessus, Trellix ePO (HBSS/ESS), and associated Windows and Red Hat Linux servers. o Monitor system performance, identify bottlenecks, and implement solutions to ensure … optimal operation of security tools. o Develop and maintain standard operating procedures (SOPs) for security tool administration. • Vulnerability Management & System Hardening: o Conduct technical security assessments of computing environments to identify points of vulnerability and recommend mitigation strategies. o Implement Security Technical Implementation Guides (STIGs) on Windows and Red Hat Linux systems. o Develop and implement security More ❯

root causes of security risks. We are committed to making the world more secure by harnessing a talented, vetted community of security researchers to deliver continuous penetration testing and vulnerability management, with actionable results. Synack's PTaaS platform has uncovered more than 71,000 exploitable vulnerabilities to date, protecting a growing list of Global 2000 customers and U.S. … and influence internal stakeholders Partner with internal stakeholders to determine, develop, and analyze the client's assets, such as: Their digital attack surface and value at risk Their existing vulnerability programs, tools, and methods Their security program, including requirements and goals Work independently with little guidance and provide technical product expertise to build the appropriate solution for the client … s needs Provide technical SME support to internal stakeholders and the client on their strategic goals and testing requirements. Here's what you'll need Experience with vulnerability discovery management, risk management frameworks and associated business workflows, and remediation Good to have experience with scripting languages (language independent) and developing scripted solutions to problems A knack for More ❯

and accreditations are completed in a timely fashion. Required Qualifications o Experience with developing and reviewing security concept of operations, systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability scanning, and/or vulnerability management plans. o Documented experience with Greenlight … services using different security tools (e.g. Nessus, Weblnspect, AppDetective). o Outstanding interpersonal skills and team player o Outstanding written and verbal communication skills; ability to present reports to management; motivated to thoroughly investigate, analyze, and document system issues and resolutions o Demonstrated outstanding ability to produce quality deliverables and to complete assigned projects on time, provide consistent status … and inconsistencies o Demonstrated outstanding persistent and creative problem solver - strong troubleshooting skills and determined to find solutions to technical problems; identifies root cause and presents possible solutions to management o Demonstrated outstanding work ethic and a proven professional - respectful, dependable, takes initiative Desired: o Experience cloud security design, requirements analysis, control implementation, and mitigation. o Experience with JIRA More ❯

in ensuring the security and compliance of our information systems within the Department of Defense (DoD) environment, specifically adhering to the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). The successful candidate will be responsible for a wide range of security activities, from documentation and policy compliance to vulnerability management and system hardening … compliance, and verify completion of ACAS, STIG, and Security Content Automation Protocol (SCAP) files, report any open findings or vulnerabilities to the program and propose mitigations. Maintain compliance in Vulnerability Remediation Asset Manager (VRAM) and DoD Information Technology Portfolio Repository-Navy (DITPR-DON)/DON Application and Database Management System (DADMS). Understand NIST, Committee for National Security … Systems (CNSS), DoD/DON Communications Task Orders (CTOs, TASKORDS), and Information Assurance Vulnerability Management (IAVMs). Assist Enterprise Architect with creating system authorization boundary diagrams encompassing traceability back to Hardware, Firmware, Software, Ports, Protocols and Services (PPS) lists, and ACAS while complying with Defense Information Systems Agency (DISA) standards. Review and update system PPS list and ensure More ❯

encompassing software, hardware, and services-by embedding robust security controls throughout the development lifecycle, identifying and mitigating risks, and ensuring compliance with defence-grade standards. Key Responsibilities Risk Assessments & Vulnerability Management Conduct comprehensive security risk assessments at each product phase (design, implementation, deployment). Identify vulnerabilities in architectures, codebases, and configurations; drive remediation with development and operations teams. …/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and … security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing More ❯

Endpoint Engineer Responsibilities: Lead the administration and engineering of a Microsoft endpoint management solution (e.g., Intune), including policy creation and management, application deployment, device compliance, and conditional access configurations. Design and implement hybrid identity solutions leveraging cloud-based directory services (e.g., Azure AD) and on-premises Active Directory for seamless identity management. Utilize cloud automation tools (e.g., Azure … Automation) and endpoint management platforms to manage and secure cloud-based and on-premises workstations and servers, ensuring they are patched to correct levels. Develop and maintain cloud-based system templates and images for rapid deployment. Manage and maintain Windows Server and PC images in both cloud and on-premises environments. Identify, analyze, and resolve system problems with both … advanced scripts (e.g., PowerShell) and leverage cloud scripting services (e.g., Azure Functions) to automate systems administration tasks across cloud and on-premises environments. Implement and manage a comprehensive endpoint management solution (e.g., Microsoft Endpoint Manager, combining Intune and SCCM). Design and implement cloud-based security solutions, including cloud security monitoring and management tools (e.g., Azure Security Center More ❯

Job overview: This is an opportunity to lead global Security Operations focused on safeguarding Arm's digital environment through exemplary threat detection, incident response, and vulnerability management capabilities. This senior role, reporting directly into the CISO, is accountable for driving the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against … an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection & response in line with Arm's threat profile and business objectives. You will guide and develop a high … of enterprise security domains and how they can be used as a force multiplier for a technology business strategy, with the ability to influence at all levels. Extensive people management experience, fostering a culture focused on mentoring, wellbeing, and trust. "Nice to have" skills & experience: BSc or higher or equivalent experience within a relevant security-related subject. Certifications such More ❯

role, you will gather, analyze, and enrich data to produce governance scorecards and reports spanning key cybersecurity areas such as Data Loss Prevention (DLP), Key/Cert/Encryption Management (KCEM), Software Development Lifecycle (SDLC), Cloud Security (CS), Cyber Incident Management (CIM), and Threat and Vulnerability Management (TVM). Your insights will inform senior leadership, regulatory More ❯

role, you will gather, analyze, and enrich data to produce governance scorecards and reports spanning key cybersecurity areas such as Data Loss Prevention (DLP), Key/Cert/Encryption Management (KCEM), Software Development Lifecycle (SDLC), Cloud Security (CS), Cyber Incident Management (CIM), and Threat and Vulnerability Management (TVM). Your insights will inform senior leadership, regulatory More ❯

role, you will gather, analyze, and enrich data to produce governance scorecards and reports spanning key cybersecurity areas such as Data Loss Prevention (DLP), Key/Cert/Encryption Management (KCEM), Software Development Lifecycle (SDLC), Cloud Security (CS), Cyber Incident Management (CIM), and Threat and Vulnerability Management (TVM). Your insights will inform senior leadership, regulatory More ❯

information assurance program. DESIRED QUALIFICATIONS: MS in Computer Science, Cybersecurity, or another related field 10+ years related professional work experience 7+ years working in the fields of CND, risk management, and continuous management of security tools Experience conduvting cyber-attack analysis Experience conducting Battle Damage Assessments after a cyber-attack Experience detecting and mitigating insider threat Provides security … certification test and evaluation of assets, vulnerability management and response, security assessment, and customer support. Documenting network schemas and cyber operation tool solutions CLEARANCE: TS/SCI with Polygraph minimum More ❯

secure cloud environments that allow the best companies to move faster. SUMMARY Wiz is looking for a Security Engineer for Product & Production Infrastructure who has experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. You'll get to collaborate with our software development and DevOps teams to secure Wiz's products, CI … modeling and security review exercises across Wiz's production and CI/CD environments - identifying and mitigating risks in our products and the cloud services that support them Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative controls Extend our detection and response capabilities - building scalable solutions to identify malicious activity, triage alerts … Azure and GCP) Kubernetes (AWS EKS) and container infrastructure IAM and managing cloud identities at-scale Secure development and application of IAC solutions (Terraform, Helm) Cloud-native observability and management tools Development experience in Go, Python and Rust PREFERRED QUALIFICATIONS Bachelor's degree in computer science or a related field and/or candidates with equivalent job experience in More ❯

understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government in the enforcement of the design and implementation of trusted … and RMF preferred). A working knowledge of TCP/IP suite of protocols and services, computer architectures, and network topologies is required. Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed.Flexibility is More ❯

The program provides Systems Engineering and Technical Assistance (SETA) support in the areas of Cybersecurity and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and … Authorization (A&A), Vulnerability Management, and Cyber Defense support. Position Description: The Mission Defense Team (MDT) SETA provides support to the customer in the area of Cybersecurity. Daily tasks include, but are not limited to: Identify baseline, capability and coverage gaps Recommend process improvements Plan future requirements and capabilities Support specific technical efforts to enable mission assurance, resiliency More ❯

will be responsible for evaluating, testing, and validating the effectiveness of security controls within our organization's information systems and networks, with a strong emphasis on applying the Risk Management Framework (RMF). As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems … Security Control Assessor, you will be responsible for the following: Provide the United States Coast Guard (USCG) with tailored documentation to support their security authorization. Independent assessor for Risk Management Framework Steps 0 to 7. Plan and execute security control assessments for various information systems within the organization. Develop and maintain assessment procedures and methodologies aligned with NIST guidelines … results. Hands-on experience in assessing RMF Step 4 and performing continuous monitoring. Examine security control weaknesses and determine if they are producing the desired intent. Deep understanding of Vulnerability Management practices. Qualifications US Citizenship required and hold DOD Secret or higher clearance. Intimate understanding of NIST RMF implementation guidance. Hands-on experience with using eMASS or similar More ❯

employee at M.C. Dean, you will join forces with more than 5,800 professionals who engineer and deploy automated, secure and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability. Together, we transform the way complex, large-scale systems are designed, delivered, and sustained-enhancing client outcomes, improving lives, and changing the … systems Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conducting ICS/SCADA system inventories following DoD guidance Conducting vulnerability scanning and document system vulnerabilities Supporting ISO standardization and Quality inspections Participating in continuous improvement of organizational cybersecurity posture Provide system security engineering services and/or products to … trusted relations among external systems and architectures. Assess and mitigate system security threats/risks throughout the program life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Review assessment and accreditation (A&A) documentation, provide feedback on completeness and compliance of its content. Apply system security engineering More ❯