Cyber Security-Engineer II ( Vulnerability Management/ Qualys)

The Opportunity
"This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering.

What Were Seeking

• Experience in a similar role such as vulnerability management specialist.
• Experience with Qualys or other security vulnerability detection technology required.
• Demonstrates subject-matter expert level understanding in multiple IT, Security and Software disciplines.
• Ability to understand the cause and effect of application vulnerabilities with Operating System Vulnerabilities.
• Must be able to multi-task and keep track of large amounts of information across disparate systems.
• Ability to keep making progress and define future strategy/policy with regards to Enterprise.
• Adherent to continuous monitoring and continuous improvement thought process.
• Demonstrated technical IT skills, ability to understand and manage different OS flavors, network technologies and topologies.
• Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred).
• Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture.
• Ability to effectively translate and present solutions in business or management terms.
• Ability to work effectively in a team environment.
• Knowledge of Python scripting or other languages is nice to have.
• Moderate documentation and analytical skills; documenting processes, policies, and standards.
• Moderate ability to provide end-to-end support to enterprise counterparts, identifying root- cause of complex enterprise initiatives.
• Moderate trouble shooting skills across complex enterprise applications, server, and endpoint environments.
• Moderate ability to learn onboard and adapt to new technologies.
• Basic privileged access management/right management experience, designing solutions based on least privilege.
• Basic knowledge of malware operation, indicators or threat.
• Moderate knowledge of current threat landscape
• Entry Cybersecurity certifications, such as CompTIA Security +, GIAC Security Fundamentals, GIAC Security Essentials, ISC2 Associate, ISACA Cybersecurity Fundamentals are nice to have.