GuidePoint SecurityRemote
Vulnerability Management Engineer (Qualys) - Mid-Atlantic region (Remote)
United States of America
Full Time
3 weeks ago
No H1B
Key skills
Vulnerability engineeringQualys VMDRCompliance scanningScripting BASHScripting PowerShellScripting PythonCloud service providersInfrastructure as CodeKubernetesContainersCI/CDServerlessOperating systems knowledgeDesire to learnPythonBashPowerShellAWSAzureGoogle CloudTerraformCommunication
About this role
GuidePoint Security provides trusted cybersecurity expertise and solutions, helping organizations minimize risk. They are seeking an experienced Vulnerability Management Engineer to advise, develop, implement, and optimize all components of the vulnerability management lifecycle for various customers.
Responsibilities:
- Execute and manage vulnerability scanning of internal, external, and cloud assets
- Plan, design, and implement enterprise vulnerability scanning infrastructure in a hybrid or multi-cloud architecture
- Deploy vulnerability management infrastructure such as scanners, sensors, and agent configurations
- Perform vulnerability scanning with the Qualys VMDR
- Analyze vulnerabilities and clearly communicate impact and risk to the organization
- Advise customers on Vulnerability Management best practices
- Development of custom compliance and audit files for Qualys compliance scanning
- Provide guidance and collaborate with peers on the Vulnerability Management practice team
- Establish credibility as a trusted advisor to our customers
Requirements:
- 5+ years of information security experience
- 3+ years of vulnerability engineering experience with Qualys REQUIRED
- 3+ years of performing compliance scanning with Qualys (CIS, NIST, DISA)
- Experience developing custom compliance and audit checks with Qualys VMDR REQUIRED
- Must have experience with Qualys.io or Qualys Security Center
- Experience with scripting tasks using native tools such as BASH, PowerShell, Python, or other native scripting languages
- Experience with Regex for data parsing
- Experience with cloud service providers such as Amazon AWS, Microsoft Azure, or Google Cloud Platform
- Experience with compliance frameworks such as Cis, NIST, DISA Required
- Ability to manage time independently while handling multiple projects concurrently
- Strong written and verbal communication skills
- A strong desire to learn new technologies and contribute to a fast-growing company
- Experience developing Infrastructure as Code, such as Terraform, or Cloud Formation is a plus
- Experience with Kubernetes, containers, Ci/CD or serverless is a plus
- An understanding of operating systems such as Windows Server, Windows 10/7, Mac OSX, RHEL, and Ubuntu Linux and the ability to perform advanced functions at the CLI