This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Hexaware Technologies - Madera, CA
posted 2 months ago
Full-time - Mid Level
Madera, CA
Professional, Scientific, and Technical Services
About the position
The Security Engineer at Hexaware will lead infrastructure projects focused on enhancing the organization's security posture. This role involves conducting vulnerability assessments, managing vulnerability patching, and collaborating with various teams to address security issues effectively. The engineer will also develop security standards, policies, and procedures to protect digital assets and respond to security breaches.
Responsibilities
- Conduct regular Vulnerability Assessments & Penetration Testing to identify & mitigate risks.
- Analyse vulnerability scan results, prioritize vulnerabilities based on risk, threat intelligence, and potential business impact.
- Review and collaborate with developers to remediate Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) findings.
- Collaborate cross-functionally with teams including IT/Enterprise, Security/Compliance, Engineering/Production and Leadership, ensuring vulnerabilities are addressed expeditiously and effectively.
- Aggregate vulnerability assessment results from partner teams, utilizing a combination of automated tools and manual reviews to identify potential weaknesses in systems, networks, and applications.
- Prioritize vulnerabilities based on severity, risk level, and potential impact on the business.
- Facilitate remediation plans for identified vulnerabilities, collaborating with asset owning teams to ensure timely resolution.
- Monitor and track the progress of vulnerability remediation efforts, providing regular reports to management on the overall effectiveness of the program.
- Implement vulnerability detection capabilities within the continuous integration and continuous delivery (CI/CD) pipeline and software development lifecycle (SDLC).
- Enhance the current Vulnerability Management Program for Patelco Credit Union.
- Perform risk assessments to determine our stature against specific threats in order to recommend solutions.
- Develop and recommend policies, standards and procedures that are in compliance with statutory and regulatory requirements.
Requirements
- Experience in Vulnerability Management or related field such as Penetration Testing.
- Strong knowledge of common vulnerabilities and exploitation techniques.
- Strong knowledge of offensive security tactics techniques and procedures.
- Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell).
- Knowledge of risk assessment tools, technologies, and methods.
- Demonstrated ability to map vulnerability exploitation vectors commonly identified in frameworks like OWASP Top 10 & STRIDE.
- Knowledge of CIS Benchmarks and best practices for the secure configuration of information systems and applications.
- Experience maintaining and running vulnerability scanning and other security testing tools (e.g., Tenable/Nessus, Qualys, Snyk, Burp, ZAP etc.).
- Technical experience working with industry-wide frameworks and standards like MITRE ATT&CK.
- Ability to communicate network security issues to peers and management.
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
- Experience with regulatory compliance, including risk management frameworks (e.g., NIST CSF/RMF).
- Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
Nice-to-haves
- Strong understanding of PCI, GLBA, and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standard and Technology (NIST) 800-53 and Cybersecurity Framework.
Benefits
- Access to a vast array of tools that enhance professional profile.
- Excellent growth opportunities.
- Work-life balance programs.
- Collaborative and inclusive work environment.
