5 Container Scanning Jobs

Job description Program Development - support the manager in developing policies, procedures, reporting and best practices for vulnerability scanning, assessment, and remediation. Vulnerability Identification and Assessment - Operate vulnerability scanning tools to ensure timely and complete scans of the systems, networks, and software. Remediation Coordination - Ensure timely distribution of vulnerability reports to the key stakeholders responsible for remediation. Track and report on remediation progress to stakeholders and leadership. Threat Intelligence Integration - Stay updated on emerging threats and vulnerabilities through threat intelligence sources. Integrate threat intelligence into the vulnerability management process to address high-risk areas proactively. Compliance and Standards - Ensure compliance with regulatory requirements and security frameworks (e.g., SWIFT, NACHA, PCI, NIST, GLBA). Prepare for and support internal and external audits related to vulnerability management. Required Experience Qualifications 3+ years of experience in Cybersecurity Bachelor s degree Hands-on experience and knowledge on deploying and operating vulnerability management tools - Rapid7, Qualys Strong knowledge across all core domains - Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management Preferred Experience Qualifications Cyber certifications (e.g., CISM, CISSP) or equivalent

Job description Program Development - support the manager in developing policies, procedures, reporting and best practices for vulnerability scanning, assessment, and remediation. Vulnerability Identification and Assessment - Operate vulnerability scanning tools to ensure timely and complete scans of the systems, networks, and software. Remediation Coordination - Ensure timely distribution of vulnerability reports to the key stakeholders responsible for remediation. Track and report on remediation progress to stakeholders and leadership. Threat Intelligence Integration - Stay updated on emerging threats and vulnerabilities through threat intelligence sources. Integrate threat intelligence into the vulnerability management process to address high-risk areas proactively. Compliance and Standards - Ensure compliance with regulatory requirements and security frameworks (e.g., SWIFT, NACHA, PCI, NIST, GLBA). Prepare for and support internal and external audits related to vulnerability management. Required Experience Qualifications 3+ years of experience in Cybersecurity Bachelor s degree Hands-on experience and knowledge on deploying and operating vulnerability management tools - Rapid7, Qualys Strong knowledge across all core domains - Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management Preferred Experience Qualifications Cyber certifications (e.g., CISM, CISSP) or equivalent

At Capgemini Invent, you will play a crucial role in driving transformation by blending strategic, creative, and scientific capabilities to deliver cutting-edge solutions for our clients. Your expertise in Vulnerability Management tools such as Rapid7, Qualys, and Tenable will be instrumental in implementing and managing security vulnerabilities both on-premises and in the cloud. You will also be responsible for setting up vulnerability scanning profiles and demonstrating a strong understanding of the vulnerability management lifecycle. In addition, your role will entail in-depth knowledge across various core domains including Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management. It is essential for you to possess knowledge of system security vulnerabilities, remediation techniques, and tactics, as well as the ability to effectively communicate testing findings to managers and network administrators. Your proficiency in simplifying complex technology concepts for non-technical audiences will be highly valued. Your profile should showcase a good understanding of the risk score acceptance process for vulnerabilities, the ability to generate customized reports, and support in mitigating vulnerabilities. Automation knowledge in existing processes, familiarity with Zero Day Vulnerabilities, and understanding of TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques are also important aspects of this role. Moreover, your comprehension of operating systems, applications, infrastructure, cloud computing services, OWASP, CVSS, MITRE ATT&CK framework, and the software development lifecycle will be beneficial. Strong oral, verbal, and written communication skills are essential for effective collaboration and sharing of insights. Working at Capgemini offers a supportive environment with flexible work arrangements that prioritize work-life balance. You will have access to career growth programs and diverse professional opportunities tailored to your development. Additionally, you can enhance your skills with valuable certifications in cutting-edge technologies like Generative AI. Capgemini is a global leader in business and technology transformation, empowering organizations to navigate the digital and sustainable world with tangible impact. With a diverse team of over 340,000 members in more than 50 countries, Capgemini leverages its 55-year heritage to unlock the value of technology for clients worldwide. From strategy and design to engineering, the company delivers end-to-end services and solutions driven by market-leading capabilities in AI, cloud, and data, complemented by deep industry expertise and a robust partner ecosystem. In 2023, Capgemini reported global revenues of 22.5 billion, reflecting its commitment to addressing the comprehensive business needs of its clients.,

At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. Your role involves expertise in Vulnerability Management tools such as Rapid7, Qualys, and Tenable. You should have hands-on experience in implementing and managing security vulnerabilities both on-premises and in the cloud. Additionally, setting up vulnerability scanning profiles and a strong knowledge and understanding of the vulnerability management lifecycle are essential. It is crucial to have in-depth knowledge across all core domains including Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management. Understanding system security vulnerabilities, remediation techniques, and tactics is required. You should be able to comprehend vulnerability testing methodology and effectively communicate testing findings to managers and network administrators. Furthermore, the ability to communicate complex technology to non-tech audiences in a simple and precise manner is essential. Your Profile should include a good understanding of the risk score acceptance process of vulnerabilities, ability to create customized reports, support in the mitigation of vulnerabilities, and knowledge of automation in the existing process. Understanding of Zero Day Vulnerabilities and their process, TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques are also important. You should have knowledge of operating systems, applications, infrastructure, and cloud computing services, along with an understanding of OWASP, CVSS, MITRE ATT&CK framework, and the software development lifecycle. Good oral, verbal, and written communication skills are necessary for this role. What you will love about working here is the recognition of the significance of flexible work arrangements to provide support. Whether it's remote work or flexible work hours, you will have an environment that allows for a healthy work-life balance. Career growth is at the heart of our mission, with an array of career growth programs and diverse professions crafted to support you in exploring a world of opportunities. Equip yourself with valuable certifications in the latest technologies such as Generative AI. Capgemini is a global business and technology transformation partner, helping organizations accelerate their dual transition to a digital and sustainable world while creating tangible impact for enterprises and society. With a responsible and diverse group of 340,000 team members in more than 50 countries, Capgemini is trusted by clients to unlock the value of technology to address the entire breadth of their business needs. The Group reported 2023 global revenues of 22.5 billion.,

Meet the Team At Dexcom, our Product Security team is pivotal in protecting the integrity and security of our innovative continuous glucose monitoring (CGM) devices. As an Application Security Engineer, you'll collaborate with various cross-functional teams to ensure our software is developed securely, leveraging insights from scanning tools and manual reviews. Join us in our mission to safeguard the technology that empowers better health outcomes. Where You Come In You integrate security tooling across all phases of the software development lifecycle, from CI/CD to production. You drive the automation of security processes, ensuring efficient and seamless integration with application teams. You collaborate with application teams to interpret, prioritize, and drive remediation of findings from security tools (SAST, DAST, IAST, SCA, SBOM, artifact scanning, container scanning, etc.). You design and implement security guardrails within development processes to proactively detect and prevent vulnerabilities. You have experience with a variety of DevSecOps tools of the types mentioned above. You develop and manage systems for the creation, delivery, and lifecycle management of Software Bill of Materials (SBOMs) across diverse platforms and products. What Makes You Successful You have a strong grasp of the OWASP Top 10 vulnerabilities and effective mitigation strategies. You are proficient in securing cloud-based and mobile applications, with a focus on cloud security architectures. You can write and review code in at least one of the following languages: Java, Scala, C#, or similar. You have experience with DevOps practices and the secure software development lifecycle. You constantly seek out opportunities for improvement and stay updated on the latest security threats and tools. You are familiar with compliance frameworks and regulated environments (ISO 27001, NIST 800-171, NIST 800-53, etc.). You possess excellent oral and written communication skills, with the ability to communicate with all levels of management through diplomacy and tact. You provide deep technical expertise to design, implement, and accelerate the adoption of the best security operations practices. You ensure the pen testing and threat modeling teams maintain knowledge of security industry innovations, trends, and best practices. You are a role model and mentor, helping to coach and strengthen the team's skills. You have a passion for security and stay aware of new threats and advances in security, questioning existing methods if a better way exists. You assess the initial impact of security vulnerabilities on the organizations product portfolio and offer guidance regarding vulnerability response and potential risk to the business. You assign and populate CVEs, CVSS scoring, etc., as needed, and work to ensure vulnerabilities are remediated within their SLAs. You evangelize Coordinated Vulnerability Disclosure (CVD), negotiate with suppliers and security researchers, and publish communication of a fix or mitigation via Security Advisories. You demonstrate teamwork, leading and following, and the ability to drive projects and initiatives in multiple departments. You identify risks associated with business processes, operations, information security programs, and technology projects. You are an enterprise security subject matter expert who can explain technical topics to those without a technical background. You have experience in vulnerability assessment and penetration testing methodologies. You understand various cloud solutions and cloud penetration testing methodologies. You have a strong understanding of various forms of network architecture. You have experience using a security-based risk scoring system (CVSS). Education and Experience Requirements: Typically requires a bachelor’s degree in a technical discipline, and a minimum of 5-8 years related experience or master’s degree and 2-5 years equivalent industry experience or a PhD and 0-2 years’ experience