Lo sentimos, la oferta no está disponible,
pero puedes realizar una nueva búsqueda o explorar ofertas similares:

Cbt402 - Ingeniero/A Senior Fpgas (^)

.En BETWEEN apostamos por el mejor talento dentro del sector tecnológico. Nos involucramos en una gran variedad de proyectos punteros, trabajando con las últ...


Between - Madrid

Publicado 13 days ago

U-358 - Ingeniero Eléctrico (H/M/X)

Desde Manpower, estamos en búsqueda de un Ingeniero Eléctrico (H/M/X) para incorporarse al equipo de nuestro Cliente en Alcorcón.MISIÓN: El Ingeniero Eléctri...


Manpower - Madrid

Publicado 13 days ago

Structural Design Engineer

Job DescriptionSafran is an international high-technology group, operating in the aviation (propulsion, equipment and interiors), defense and space markets. ...


Safran Engineering Services - Madrid

Publicado 13 days ago

Sr Network Engineer

.Grow Your Career with NTT DATA The Networking Managed Services Engineer (L3) is responsible for providing a managed service to clients by proactively identi...


Ntt Data - Madrid

Publicado 14 days ago

Vulnerability Management Engineer

Detalles de la oferta

Our mission We are a cutting-edge e-commerce company.
Our creative, smart and dedicated teams pool their knowledge and experience to find the best solutions to meet project needs, while maintaining sustainable and long-lasting results.
How do we achieve this?
By making sure that our teams thrive and develop professionally.
Strong advocates of hiring top talent and letting them do what they do best, we strive to create a workplace that allows for an open, collaborative and respectful culture.
The Role This is a highly visible role!
You will protect our infrastructure by analyzing, remediating, and monitoring breaches, issues, incidents, and vulnerabilities.
The right person must have excellent engagement and communication skills and a solid customer-focused and team-oriented approach that balances security needs and user experience to provide best-in-class security for the organization.
Main responsibilities for this Role Keep and improve the Vulnerability Management Program of the company.
A focal point of contact for Vulnerability scanning schedule, configuration in a tool, and execution as per the schedule.
Any failure of scans is to be investigated and scheduled to be re-run.
Administration of Qualys Vulnerability Management, Detection Response (VMDR) and using its various features to enable and support the Vulnerability Management Program.
Usage of ManageEngine EndPoint Central, New Relic, and any other tools available in the company in order to take advantage of their features to improve the Vulnerability Management Program and Metrics.
Conduct periodical discovery of IT Assets, ensuring that identified assets are appropriately tagged, and includes the new assets in the Vulnerability Management tool.
Assess the identified vulnerabilities and study understand the risk profile and impact.
Identify any false positives reported and the technical limitations of the vulnerability in the environment and be able to declare and manage it within the Qualys tool.
Keep and improve existing scripts to process vulnerability results (i.e.
to automatically import them into Jira while matching existing data in Axonius).
Facilitate the process of Risk Acceptance, coordinating with various stakeholders for proposing, seeking and maintaining the approvals for such cases.
Perform Penetration Tests following OWASP and using tools such as Burp Suite or ZAP.
Develop and manage a bug bounty program (i.e.
write the security researcher conditions, review received vulnerabilities, etc.).
Manage vulnerabilities reported by corporate antivirus (i.e.
Crowdstrike).
Collaborate with Infrastructure teams (Windows, Linux, Networks, etc.)
for the remediation/mitigation of the identified vulnerabilities.
Maintain the Vulnerability Dashboard for the scope and submit reports to both technical teams and Management.
Keep and improve the existing server hardening guides, to avoid recurring vulnerabilities.
Organize work to achieve compliance with established KPIs for Vulnerability Management and proactively work towards achieving the same.
Maintain periodical reporting on the progress.
Escalate, discuss and consult as required to next levels and Management in a timely manner.
Participate in meetings with various stakeholders as per the schedules.
Liaise with different teams in different geographical zones.
Propose, plan, and execute vulnerability service/security service improvement initiatives.
Adhere to different policies set out by the organization.
Follow and improve existing procedures.
Keep your work organized based on tickets (Jira).
Prepare and provide different reports (weekly/monthly/ad-hoc) to the Top Management as necessary.
Maintain appropriate knowledge required for successful and efficient delivery of the responsibilities.
Keep abreast of new threats and vulnerabilities and providing analysis as per applicability.
Help the organization understand advanced cyber threats.
Possibility to perform on-call after working hours and weekends.
Knowledge and skills you need to have Five years of a university degree or four-year college diploma is required, preferably in computer science, telecommunications, or other related academic fields.
Or equivalent work experience.
English Spanish: Full professional proficiency Must have working experience administering and operating Qualys VMDR for a large enterprise.
Working and hands-on experience in running a Vulnerability Management process.
Fundamental technical understanding and experience assessing vulnerabilities and identifying weaknesses in operating systems (Windows and Linux), networks, databases, and application servers.
Good understanding of Reporting needs at various levels of organization and ability to design, create, and present the same.
Competencies Reading comprehension: You must be able to read and understand the existing procedures, and the tasks assigned on tickets.
This is crucial for you to work under minimal supervision and excel.
If you are a technical guru but don't understand the assigned tasks in writing, or don't clarify doubts, this is not your job.
Organization: This position is 50% recurring tasks (i.e.
reviewing weekly vulnerability scans), 30% research tasks (i.e.
identifying why a vulnerability scan isn't working as expected and solving it together with other teams), 10% chasing other teams (i.e.
ensuring that a vulnerability is remedied), and 10% procedures (i.e.
improving existing procedures).
Prioritization: You must attend the priorities on the assigned tasks and assign the right priority to the discovered vulnerabilities.
Bonus points for the following Any Penetration Testing certification (i.e.
CEH, OSCP, GPEN, Pentest+).
Any Vulnerability Management certification.
Any Qualys certification.
Knowledge on CDN and WAF usage and configuration (i.e.
Cloudflare, Imperva).
Experience in working with Splunk as a SIEM.
Why work at FoshTech?
We will give you the opportunity to be the best version of yourself, develop professionally and create strong working relationships working remote or on site.
While offering a competitive salary, we also invest in our people's professional development and want to see you grow and love what you do.
Competitive remuneration package FLEXIBLE WORKING CULTURE: 100% teleworking Flexible working schedule Intensive summer working hours Medical Insurance Dental Insurance Flexible Compensation (tiquet Restaurant, kindergarten, transport) Referral Scheme per referral hired Career plan designed by and for you Very good atmosphere among colleagues If this sounds like the place for you, don't hesitate to contact us!
About us We are an international team of tech professionals that build some of the best digital entertainment and e-commerce products in the business.
As a full-stack design and development company we deliver high quality application and web experiences for our network of players around the world.
#J-18808-Ljbffr


Salario Nominal: A convenir

Fuente: Talent_Dynamic-Ppc

Requisitos

Built at: 2024-11-10T00:59:12.479Z