Vulnerability Engineer

Project duration: long-term

Location: Gdańsk/Warsaw - Gdańsk is the preferable location

Work mode: hybrid, 2-3 days from the office (can be negotiated to 1-2 in case really needed)

Key responsibilities:

• Running Vulnerability scans on network infrastructures such as servers, desktops, network devices using Qualys
• Architecture, Design, Implementation, Configuration, maintaining, supporting and troubleshooting vulnerability management tools such as Qualys
• Develop procedures and practices in Vulnerability Assessment and Management, Policy Compliance scanning
• Expertise in configuring and executing VM and PC scans.
• Using the VM tool in various environments like Cloud – AWS & Azure, on premise
• Troubleshoot scanning, tool etc. issues.
• Plan and schedule Changes, Coordinating with different stakeholders
• Prepare Weekly and monthly status reports – Technical and Management reports / Dashboards
• Participate in business meetings with various stake holders on a need basis
• Perform Trend analysis, identify top vulnerabilities, and work with respective teams/individual to mitigate.
• Communication of request/incident status with Security analysts, vendors and internal teams.

͏

Skills & Qualifications:

• Experience in running Vulnerability scans on network infrastructures such as servers, desktops, network devices using Qualys
• Expertise in configuring and executing VM and PC scans.
• Good knowledge of security / industry standards for VM and PC.
• Excellent understanding of concepts of Vulnerability Assessment, Management and patching.
• Good understanding of networking and operating system functions, both Windows and Linux

Nice to have:

• Integration of VM platform with enterprise tools Splunk, ServiceNow, BWISE, Jira using APIs.
• Python or equivalent coding experience for API integration.
• Experience with Bash or PowerShell scripting.
• Exposure to ITIL Change Management and tools such as Service Now etc.
• Exposure security monitoring solutions for IDS, IPS, NetFlow and packet capture technologies.