Security Engineer (Remediation)

**** NO AGENCIES OR THIRD PARTIES; NO CALLS OR UNSOLICATED EMAILS WILL BE RESPONDED TO OR CONSIDRED**** Join Verinext, a technology company that's not just keeping up with the future, but actively shaping it. At Verinext, we firmly believe that work should be as enjoyable as it is rewarding. As a Security Engineer (Remediation), you'll be stepping into an environment that thrives on innovation and fun. Our team-oriented culture isn't just a buzzword; it's a cornerstone of our success. We're incredibly proud to have been recognized as a "Best Place to Work" by the Philadelphia Business Journal for 10 consecutive years.

Primary Duties:

• Create formal written documentation of findings and recommendations to address vulnerabilities.
• Implement and deploy patches for discovered vulnerabilities across the enterprise.
• Assist server management, desktop, and application development teams with identifying and remediation of vulnerabilities.
• Brief management and technical resources on new public exploits, internally discovered vulnerabilities, and likely attacker tactics.
• Consume and prioritize automated scan results; provide remediation guidance with the goal of implementation in a timely manner.
• Ensures compliance with organizational security rules and standards.
• Conduct company-wide audits and implement remediation plans.
• Conduct research to keep abreast of latest security issues.
• Prioritize remediation of gaps based on internal and external audits.
• Prepares compliance reports by collecting, analyzing, and summarizing data.

Performs other related duties as required.

Requirements:

Must have

• Bachelor’s degree (or equivalent work experience and Certifications) in) in Computer Science, Engineering and Minimum of 5 years of information systems security or related auditing experience.
• Preferred solid experience in vulnerability remediation.
• Experience in automation using various scripting languages, but not limited to C#, Python or VBS.
• Preferred certifications: CEH, Security+ .
• Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone.
• Strong analytical, technical, and problem-solving skills.
• Ability to work effectively, independent of assistance or supervision.
• Innovative, creative, and extremely responsive, with a strong sense of urgency.
• Willing to share knowledge and assist others in understanding technical and business topics.

Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling). Demonstrated experience of “hands on” security knowledge of one or more of the following platforms: Windows/Linux Working knowledge with various Cyber Security tools and SIEM/SOAR platforms. Working knowledge of protocols and technologies such as TCP, UDP, SSL, TLS, SSH, SFTP, SMTP, NetBIOS, and DHCP. At least one technical certification related to a major platform. Ability to interpret information security data and processes to identify potential compliance issues. Ability to quickly understand security systems to identify and validate security requirements. Recommended skills and capabilities. Experience with performing vulnerability scans and assessments. Familiarity with NIST governance and policy management best practices. Information Security best practices and common processes. A solid understanding of various firewalls, with actual experience in design, installation, configuration, and operation Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment. Ability to perform network protocol analysis and raw data capture. A solid understanding and knowledge of LDAP. Knowledge of OWASP, ISO 27001/2, PCI-DSS. Self-motivated, self-directed and shows attention to detail while working. Works ethically and with integrity supporting organizational goals and values. Displays commitment to excellence. Completes work in a timely manner and meet deadlines. Contributes to building a positive team spirit and treats others with respect. Maintains confidentiality of information and uses information appropriately. Exhibits sound judgment when making decisions and recommendations. Fosters collaboration toward a common vision and shared goals.