Full-Time Information Security Engineer

Responsibilities

• Conduct vulnerability assessments for all types of applications, systems, and networks.
• Communicate security vulnerabilities and corrective actions to various internal groups and validate remediation.
• Perform code reviews to find vulnerabilities and fix errors overlooked in the development phase.
• Identify security risks in the software development and deployment process.
• Utilize commercial and open source vulnerability assessment tools.
• Perform manual verification of vulnerabilities – reduction of false positives.
• Create assessment reports and present them to management and technology professionals.
• Develop metrics for tracking and analyzing vulnerability information.
• Assist in regular penetration testing.
• Develop and maintain internal tools and task automation using AI.
• Stay current on information security threats.
• Train security team members on vulnerability management process and tools.

Required Qualifications & Certifications

• Bachelor’s degree in Engineering, Computer science or equivalent
• 3 to 5 years experience
• Possess certification/s related to Vulnerability Assessment such as GIAC, CEH
• Must possess excellent written and verbal communication skills
• Hands-on experience with performing network vulnerability assessments
• Hands-on experience with performing Application scans and code reviews of application codes developed in various technologies
• Knowledge of OWASP tools and methodologies
• Competency with network security and information security concepts and technologies
• Thorough knowledge of the Windows OS as well as Linux and Unix variants

Preferred Qualifications

• Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
• Experience with web application vulnerability scanning tools (e.g., HP Webinspect, Burpsuite Pro)
• Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
• Experience with high-level programming languages (e.g., Java, C, C++, .NET (C#, VB))
• Experience presenting to or training technical audiences – a plus
• A technical writing experience and/or web development tools is a plus

What is the last date for applying to the job?

Which countries are accepted for this remote job?