Security Engineer - Vulnerability Management

Position Summary:

The role will report into the Cyber Security Organization, the role will support key vulnerability management initiatives that will minimize security weaknesses in the environment by working with the Cybersecurity, IT Infrastructure, and Application teams to drive vulnerability remediation across RRD Globally. This is an excellent opportunity for an experienced Security Engineer to join our Growing Cyber Security team. The Security Vulnerability Management Engineer will work within a multi-national team comprised of both internal and external analysts. They will play a key role in ensuring the effectiveness of RRDs cyber security vulnerability Management program. The role will represent the Security Operation function within RRD Cyber Security and will champion best practices to both Cybersecurity and its business partners. The Security Engineer will support the security operations function continually improves, remains tuned to specific organizational threats, and operates an effective security toolset.

Technology Specific Skills and Other Requirements for this role include:

• Bachelor degree in Computer Science, Information Systems or discipline related to functional work or role with 3 to 5 years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience.
• We are looking for a highly motivated and talented analyst with a passion for Vulnerability Management.
• The ideal candidate will have experience supporting and managing vulnerability management activities in large enterprise environments.
• Need strong organization, coordination and negotiation skills to engage with other global and member firm teams.
• Sound knowledge of common infrastructure and web application vulnerabilities and common vulnerability categorizations such as CVE, CVSS, CWE
• Sound knowledge of common vulnerability identification & remediation tools, such as Rapid7/Nessus/ Qualys, Kali, Kenna, Tenable, RiskIQ, Microsoft SCCM and IBM BigFix/Tanium etc
• Secure DevOps experience would be a plus
• He or She should have a strong understanding of security operations concepts, vulnerability management and incident remediation within a complex global organization.
• Must have excellent communication skills; both verbal and written.
• Relevant Security certifications like CEH, CISSP etc
• ITIL foundation Certification and experience preferred
• Must have expert on OS knowledge on Windows, Linux and networking technologies
• Familiarity with Python or related programming language.
• Understanding of common security threats, attack vectors, vulnerabilities and exploits
• Expert level understanding of networking & Security concepts.
• Good Knowledge on AWS, Azure and other cloud Technologies.
• Highly self-motivated and directed;
• Strong organizational, oral communication and project management skills.
• Excellent attention to detail; Ability to effectively prioritize and execute tasks in a high-pressure environment;
• Experience in working in an onsite-offshore model.
• Knowledgeable in security concepts, techniques, tools, methods and practices
• Proven relationship management expertise with both business and technical personnel
• Ability to work well independently and in a team environment
• Ability to handle multiple tasks, prioritize and meet deadlines
• Must have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones.