Security engineer - management Job at NITYA Software Solutions, Inc., Mountain View, CA

T1NKa3NKU0l0MWxLZ0ZYOGd3LzJodHNZTEE9PQ==
  • NITYA Software Solutions, Inc.
  • Mountain View, CA

Job Description

Role: Security Engineer - Vulnerability Management

Location: Mountain View CA (100% Onsite)

C2C

Security Engineer - Vulnerability Management Role

Must-Have Skills (Non-Negotiable) - Vulnerability Management.
1. Proficient in Analyzing and prioritizing security vulnerabilities based on risk.
2. Proficient in Developing mitigation strategies and remediation plans.
3. Must be able to use environmental and threat intelligence for vulnerability analysis.
4. Experience in Securing environments in AWS, Google Cloud Platform, Docker, Kubernetes.
5. Proficient in Python, Java, Ruby, Node for security automation.
6. Experience with Tableau, Qlik Sense, SQL for security insights.

Good-to-Have Skills (Preferred but Not Mandatory) - Vulnerability Management.
1. Experience mitigating WAF evasion techniques.
2. Ability to influence engineering teams for secure coding practices.
3. Use AI-driven analytics for vulnerability detection and response.
4. Knowledge of security frameworks and regulatory compliance.

DETAILED JOB DUTIES

Skill Set for Security Engineer - Vulnerability Management Role

Must-Have Skills (Non-Negotiable) Vul. Mgmt

  1. Identify, Analyze, and Prioritize the Impact of Vulnerabilities
    1. Assess and prioritize vulnerabilities based on real-world impact.
    2. Examples: Using risk-based factors beyond CVSS, incorporating threat intelligence and environmental factors.
    3. Tools: OWASP, SANS 25, AWS Security Hub, Tableau, Qlik Sense for risk assessment.
  2. Mitigation if Patch is Not Ready
    1. Implement compensating controls and temporary mitigations for unpatched vulnerabilities.
    2. Examples: Using WAF rules, network segmentation, access controls until a patch is available.
    3. Tools: AWS, Kubernetes, Docker Security Measures, Advanced WAF Configurations.
  3. Automating Future Detection
    1. Develop and implement automated detection mechanisms for vulnerabilities.
    2. Examples: Automating scans, continuous vulnerability assessment, and reporting.
    3. Tools: Python, Java, Ruby, Node, AWS Security Hub, JIRA, ServiceNow.
  4. Detecting Malicious Payloads
    1. Identify and prevent malicious payloads before execution.
    2. Examples: Using threat intelligence and behavioural analytics for payload detection.
    3. Tools: CrowdStrike, AWS GuardDuty, SIEM solutions.
  5. Blocking Advanced WAF Evasion Techniques
    1. Enhance Web Application Firewall (WAF) security to detect and block advanced evasion attempts.
    2. Examples: Implementing custom WAF rules and monitoring attack patterns.
    3. Tools: AWS WAF, Cloudflare, ModSecurity, Imperva.
  6. Automating Threat Responses
    1. Automate incident response workflows for detected vulnerabilities.
    2. Examples: Using security playbooks to trigger automated remediation actions.
    3. Tools: AWS Lambda, Python automation, SIEM integrations.
  7. Risk-Based Factors Beyond CVSS
    1. Consider additional risk factors beyond CVSS scores when prioritizing vulnerabilities.
    2. Examples: Evaluating exploitability, business impact, attack surface exposure.
    3. Tools: Threat intelligence feeds, vulnerability management dashboards.

Good-to-Have Skills (Preferred but Not Mandatory) Vul. Mgmt

  1. Cloud Security & Container Security
    1. Secure AWS, Google Cloud Platform, Kubernetes, Docker environments.
  2. Data Analytics for Security Posture Improvement
    1. Utilize Tableau, Qlik Sense, SQL for security data analysis.
  3. Experience in Influencing Secure Software Development
    1. Work with developers to build security-first applications.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Report this job
  • Dice Id: RTX1bee1d
  • Position Id: 8568302

Job Tags

Temporary work,

Similar Jobs

Guetterman Financial Group, LLC

Remote Virtual Licensed Life Insurance Agent Job at Guetterman Financial Group, LLC

 ...Looking for Licensed life insurance Agents Remote position Are you an agent who has yet to master virtual sales? Or perhaps a great sales professional who has never been given the opportunity to earn what you are worth? If you answer yes to either question, then... 

Ginas Tech Jobs

Trader, Late Shift - Work From Home Job at Ginas Tech Jobs

 ...Trader, Late Shift Work From Home We are seeking a talented and self-motivated Trader to join a growing trading team. Company culture emphasizes teamwork and focuses on continuous integration and test-driven development. This position will fit talented college... 

Primo Brands

Route Service Delivery Driver Job at Primo Brands

 ...000 Sign On Bonus!**Key Responsibilities:The Route Service Delivery Driver's primary responsibilities are to provide premium customer service...  ...* Between 6 am - 7 am until workload completed**Benefits:** Medical, prescription, dental, vision, life, and disability insurance... 

Always Best Care Senior Services- Seattle, WA

$25/hour CNA/HCA (PART-TIME) Job at Always Best Care Senior Services- Seattle, WA

$23/hour CNA/HCA (FULL-TIME and PART-TIME)We are immediately hiring multiple CNAs/HCAs interested in 4-hour morning shifts in Seattle/University DistrictAlways Best Care Senior Services seeks a CNA or HCA who can care for clients living in Seattle/ University District... 

Innova

Fraud investigator Job at Innova

 ...Innova Solutions has a client that is immediately hiring for a Fraud Investigator . Position type: Contract Location Details: Alpharetta Georgia 30022 Duration: 13 Months Hybrid: 2/3 days from Alpharetta GA office As a Fraud Investigator...