IT Systems Engineer – Vulnerability Management
Location: Pittsburgh, PA
Job Type: Full Time / Permanent
The IT Systems Engineer – Vulnerability Management is responsible for the assessment and remediation of vulnerabilities identified by the company’s vulnerability program for both external and internal landscapes. This includes conducting research about the vulnerability and understanding the impact of applying the remediations in both test and production environments. In addition, the role will serve as the liaison to other groups in IT for remediation efforts.
- Providing technical analysis of vulnerabilities identified by the vulnerability program to determine their impact to the company and driving the formulation of the vulnerability management remediation plans for each – includes both internal and external landscapes.
- Leading remediation efforts as the liaison to the other groups in IT to establish communication plans and to develop the high-level framework for the testing and validation process used in the remediation efforts.
- Developing effective strategies for vulnerability remediation and leveraging technology to automate the process using automations tools suitable for blade technology in a virtualization architecture, where possible.
- Establishing a process for reporting the progress of remediating vulnerabilities and reporting vulnerability trends.
- Maintaining ongoing awareness of shifts in threat landscape and attacker methodologies; recommending appropriate strategic and operational changes to the security program to address new threats.
- During remediation, being responsible for monitoring system performance, analyzing and troubleshooting system problems, and making recommendations related to load balancing, fault tolerance and high availability of all system components.
- Demonstrating solid knowledge in management and administration of applications, such as Microsoft Active Directory, Middleware Application Web Servers, Virtualization Technologies and Citrix, as well as business applications.
- Performing the administration and configuration of server hardware templates (physical, virtual, cloud-based). Operating infrastructure software baselines as a result of remediation efforts, utilizing knowledge of operating systems, such as Linux, Windows, ESXi, and network protocols, such as TCP/IP, HTTP, HTTPS, SFTP, DNS and DHCP.
- Ensuring compliance with policies, procedures and regulations to ensure safe and sound business operations; developing and implementing software and configurations to apply appropriate system security mechanisms.
Education & Experience:
- Bachelor of Science degree in Information Systems or equivalent work experience
- Five years of experience in technical support role, including three years of that experience as a system administrator for the Unix/Linux, Windows and/or virtual server platforms
- Demonstrated networks, operating systems, system monitoring, security and technology infrastructure experience; specializing in one or more technical areas where a thorough and detailed understanding of the environment is required, and certification in areas of specialization is preferred
- Demonstrated analytical skills with creative innovative approaches to problem-solving
- Strong communication and presentation skills, ability to function as a member of a team and ability to manage multiple projects and tasks concurrently
- Strong working knowledge of application development, computer operations and related concepts
- Knowledge of sound, industry-accepted server software support practices and methodologies
- Experience with vulnerability analysis, patch assessment and vulnerability scoring tools (e.g., Altiris and Qualys)
- Knowledge of vulnerability scoring systems (CVSS Scores)
- Strong awareness of threat protection toolsets, such as CrowdStrike, SteathBits, LogRhythm and Palo Alto