As part of Accurate Background’s Global Information Security team, an Information Security Engineer would be involved with the daily security operations of the organization. They’ll be expected to have a good understanding of Information Security related concepts and best practices. They should also have experience with Vulnerability Management solutions, EDR solutions, IDS/IPS, and SIEM.
Information Security Engineers must possess good analytical and problem-solving skills. They should be able to work under pressure and within tight deadlines. They should also be good team players with good interpersonal and communication skills. This role reports to the Associate Manager, Information Security.
Job Duties:
- Manage vulnerability management tools like Microsoft Defender Vulnerability Management, AppCheck, and Nessus. This includes administration and configuration of the tool, performing periodic scans and publishing reports.
- Fine tuning the scanning tools – validate findings to reduce noise and improve prioritization accuracy
- Analyze vulnerabilities detected by the tools, prioritize them and prepare actionable reports for relevant teams for remediation.
- Work with the different teams to track and drive the remediation of vulnerabilities within SLA. Support the teams with practical guidance for remediations.
- Prepare periodic dashboards and reports for tracking vulnerabilities. This includes technical reports for the remediation teams and executive reports for the management.
- Identify potential weaknesses within the organization’s network and systems and recommend solutions.
- Monitor and investigate security alerts from various sources and provide incident response.
- Provide RCAs for security incidents and document them.
- Take up security initiatives to improve the overall security posture of the organization.
- Documentation of SOPs, metrics and reports as required.
- Collaborate with different teams and departments to address vulnerabilities, security incidents and drive initiatives.
- Research and monitor emerging threats and vulnerabilities, understand current industry and technology trends and opportunities, and assess their impact on applications and the business.
Required Qualifications:
- Bachelor’s degree in computer science, Cyber Security, or related field
- 3+yrs experience with IT Security
- Knowledge of Network and Application penetration testing technologies and techniques
- C|EH, Security+ or relevant certifications
- Strong knowledge of cloud technologies like AWS or Azure
- Thorough understanding of Vulnerability Management processes for an organization.
- Experience with Vulnerability Management tools like Microsoft Defender Vulnerability Management (preferred), AppCheck, Nessus, Qualys.
- Experience with Microsoft Sentinel SIEM and knowledge of Microsoft Defender tools like:
- MDE (Microsoft Defender for end point)
- MDI (Microsoft Defender for Identity)
- MCAS (Microsoft Defender for Cloud Apps)
- MDO (Microsoft Defender for Office)
- Web content filtering
- Strong working knowledge of various information technologies and industry best practices
- Demonstrate ability to take initiative, ownership and accountability for achieving results
- Work with different teams to address vulnerabilities, security incidents and drive initiatives.
- Effective communication skills with technical and non-technical staff