Fort Worth, TX company is seeking an AppOmni Engineer, IT Vulnerability Management to join their team for a contract opportunity.
Leverage the latest technology to solve business problems in a collaborative environment at this Fortune 500 transportation giant. Top technical resources are retained on long term contract engagements.
Responsible for leveraging cutting edge technology to solve business problems by participating in all phases of the development process from inception through transition, advocating the agile process and test-driven development, using object-oriented development tools to analyze, model, design, construct and test reusable objects, and making the codebase better.
Contract Duration: 6+ Months
Required Skills & Experience
- Bachelor's degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training.
- 3 years of hands-on technical security engineering experience.
- Certifications: CISSP, CISM, CISA, CEH, GCIH, GSEC, GCFA, GREM, CCENT.
- Ability to install, configure, troubleshoot, and administer VM Platform(s).
- Experience with OmniApp
- Experience with dynamic and static code analysis experience (e.g. QualysWAS, SAST tools, Tenable).
- Experience with security configuration checklists (e.g. CIS Benchmarks and CSA security guidance).
- Familiarity with NIST Special Publications (e.g. 800-171,800-53, CSF).
- Familiarity with PCI DSS Compliance standards and scanning practices.
- Ability to code and script Python, SQL, BASH, or PowerShell.
- Ability to configure and use technical assessment tools such as Tanium Comply and Tenable Nessus.
- Deep understanding of the technical architecture of IT systems built using Windows, UNIX, Linux, Solaris, VMware, Citrix, Oracle, and MySQL platforms.
- Experience and knowledge in cloud and Kubernetes environments. (Azure Kubernetes Service, IBM Kubernetes service, Oracle Cloud Infrastructure, etc.).
- Experience in DevOps Toolchain methodologies, including Continuous Integration and Continuous Deployment.
Desired Skills & Experience
- 5+ years of hands-on technical security engineering experience with AppOmni or similar application.
- Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups; strong presentation and technical documentation skills.
- Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills.
- Ability to work well within a team environment, as well as independently.
What You Will Be Doing
- Performs discovery scanning via the Vulnerability Management Platform (scheduled and ad-hoc).
- Provides gap analysis to compare the list of known resources so gaps can be investigated and owners identified.
- Identifies resource types (e.g. router, desktop computer, server, network switch, firewall, etc.), operating systems, and whether active services are "Enterprise" level.
- Tracks via remediation management system and provides a wiki-style format to capture recommendation, analysis and facts, and links to other research.
- Populates data visualization tool (such as Tableau, Brinqa, and Hygieia) for reporting vulnerability metrics by system and owner.
- Researches vulnerabilities to determine attack vectors and possible vulnerable targets and launches specific scans and reports for that vulnerability in VM scanning tool(s).
- Coordinates with business, IT teams, and Technology Risk Management (TRM) to remediate compliance findings in a timely manner while addressing risk reduction objectives.
- Defines, manages, and measures security configuration baselines in line with internal policies/standards and CIS benchmarks.
- Defines and manages cloud specific technical security policies (CSA security guidance).
Engineer, Vulnerability Managment and Configuration (OmniApp)