Velera

Technical Risk Mitigation Engineer II - Remote

full-time

Origin: 🇺🇸 United States


Job Level

Mid-Level, Senior

Tech Stack

Cloud, Python, ServiceNow

About the role

  • Assume a critical, supportive, technical role within the RM team.
  • Assist both technical and team initiatives to shape and guide the focus and execution of solutions that provide effective, accurate, comprehensive, and actionable reporting, best practices configurations, timely patching, etc., toward a goal of overall reductions in vulnerabilities across all department accountable technologies.
  • Under RM guidance, collaborate with Security and IT Infrastructure to maintain or implement risk-based, actionable remediation requirements for all supported, auditable technologies.
  • Assist with or directly maintain and support vulnerability management programs that include regular scans and assessments of the organization’s systems, network and applications to identify security vulnerabilities.
  • Improve reporting maturity through automation, consolidation, and other techniques as necessary.
  • Work with multiple teams to align scanning, reporting and tracking in compliance with industry best practices, regulations, and standards related to vulnerability management, such as PCI-DSS, SOC II, NIST, CIS benchmarks, or other compliance regulations required by either industry mandates or Velera standards.
  • Perform or assist with recurring and on-demand scanning of organization systems and cloud environments.
  • Resolve or assist with the resolution of information security vulnerability findings, including zero-day or targeted threats, and/or internal or external weaknesses in IT platforms, appliances, systems, services, applications or configurations.
  • Maintain detailed documentation regarding Velera’s threat management standards, policies, and procedures.
  • Improve and automate, wherever possible, existing vulnerability management systems.
  • Must be comfortable working alone or as part of a team.

Requirements

  • Associate's degree or competency-based degree in a related IT discipline preferred
  • Relevant industry certifications such as S+, CISSP, CISM, or equivalent are a plus
  • Experience with Tanium
  • 3+ years of experience in vulnerability management / compliance monitoring or the equivalent as derived from participating in a role that directly included those responsibilities
  • Experience in vulnerability scanning, penetration testing, network admission control, and/or SIEM – direct experience with VM scanning tools like Nessus, Rapid7, Qualys, etc.
  • Experience with IT controls monitoring for regulatory and compliance requirements
  • Experience with ServiceNow a plus
  • Functional knowledge of information security best practices
  • Knowledge of vulnerability data management and reporting process automation
  • Knowledge of OWASP tools and methodologies a plus
  • Knowledge of scripting languages (e.g., PowerShell, Python, YAML, etc.) a plus
  • Functional knowledge of ITIL principles and practices
  • Knowledge of and/or experience with technical concepts such as those associated with common server operating systems, cloud computing, automation, networking, and application development