This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

God Enriches | Local jobs for the people of Arizona

To post a job, login or create an account |  Post a Job

Senior Vulnerability and Patch Engineer

Western Alliance Bank

This is a Full-time position in Phoenix, AZ posted April 2, 2021.

The Western Alliance Bank team is looking for a Sr. Vulnerability and Patch Engineer. Under general supervision, this position would be responsible for the creation, testing and deployment of patches for all assets in the network. Strong problem-solving skills, willingness to work independently and collaborate across business units is needed for this position. This role requires night and weekend work. Ability to collaborate with others. Candidates must be skilled in vulnerability assessment, risk rating, threat correlation, asset-based remediation management, and reporting. Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support. Revise processes and procedures, metrics, and documentation that continue to improve the vulnerability management capability. Validate proper mitigation controls are in place until remediation activities are complete. Act as the point of contact for status updates regarding vulnerabilities across multiple platforms and multiple business groups Ability to assess and articulate actual business risk. Develop, document and maintain operation processes and procedures to conform with Enterprise Security Control Standards. Provide leadership and direction on initiatives relating to information security and the Vulnerability Management Program. Demonstrated understanding of infrastructure and cloud vulnerability scanning and configuration Configure deployment of scan appliances, creation of option profiles, scanning schedules around high-risk vulnerabilities extensively with engineering teams to help them understand their vulnerabilities and assist them to develop remediation and mitigation strategies. You will support implementation and operations best practices while taking ownership of tasks andor project work-streams, assist and perform analysis and diagnosis of issues related to technology configuration, setup, procedural andor process challenges, and contribute to deliverables of the team Maintenance of all contacts and documentation. Qualifications Bachelorrsquos degree andor some relevant work experience in vulnerability management, cyber security and systemnetwork administration is preferred Experience patching cloud environments (i.e. Azure, AWS, Google Cloud Platform) servers such as Windows, Linux, VM Ware. Minimum of 5 years hands on experience with WSUS, SCCM, Intune, MDM Minimum of 5 years designing and implementing complex IT solutions Advanced knowledge of Windows 200820122016Windows10. Mid-level knowledge of network and firewall Knowledge of Azure services Knowledge of Active Directory, including policies, LDAP, SAML, federated Services Knowledge of Office 365 Knowledge of Altiris is a plus. Experience Scripting with PowerShell and Bash experience preferred Analytical and problem-solving skills for troubleshooting are required Hands experience with Nexpose Rapid 7 Strong knowledge of security technologies and architecture. Knowledge of IDSIPS, DNS, DCHP, DMZ architecture, Active Directory, Proxies, Cloud architecture technologies and VPNs to name a few. Strong understanding of network services, vulnerabilities and attacks. Knowledge of application exploits and vulnerabilities. Knowledge of ports and services typical in configuration of web servers, file servers, and workstations Understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rd party libraries and remediation Candidates must be familiar with CVEs, CVSS, and Mitre as well as other industry specific vulnerability classification standards, frameworks, and best-practices Expert using Excel, Word, PowerPoint Familiarity with vulnerability management security tools (Nexpose, Qualys, Microsoft Advanced Threat Protection (MDATP), Tenable, Nessus etc.) Familiarity with issueticket tracking systems (Jira, ServiceNow, etc) Excellent oral and written communication skills are required