Sr. Consultant, Vulnerability Management (Remote)

Morgan Franklin
Published
November 18, 2020
Location
Atlanta, GA
Category
Job Type

Description

MorganFranklin Consulting is a management advisory firm that works with leading businesses and government to address complex and transformational finance, technology, cybersecurity, and business objectives.

MorganFranklin's cybersecurity practice helps clients across the globe to solve their most critical cybersecurity needs. From consulting and implementation to managed services and project resourcing, we work to safeguard assets by identifying risks, developing and maturing cybersecurity programs, and implementing solutions that support and meet business goals. Custom tailored and business-aligned service offerings include:

  • Strategy and GRC
  • Cybersecurity Operations
  • Identity & Access Management
  • Incident Response & Risk Intelligence
  • Application Security
  • Managed Security Services Provider (MSSP)

Sr. Consultant, Vulnerability Management

Threat and Vulnerability Management (TVM) Program

Our client is in the process of enhancing vulnerability management capabilities in support of the TVM program. These capabilities include vulnerability identification via Qualys, assessment, remediation support and measurement. In this role you will play a pivotal part of the Vulnerability Management team. The ideal candidate for this role will have Qualys certification, VM and PC module expertise, and will have utilized multiple scripting languages for automation. The candidate will perform the following functions in this role:

  • Configure new Qualys platform subscription including deployment of scan appliances and creation of option profiles, asset groups, scan schedules, report templates, and authentication records in both Vulnerability Management (VM) and Policy Compliance (PC) modules
  • Create run books for scanning and reporting processes developed within VM and PC modules
  • Support vulnerability scanning operations by administering existing Qualys platform subscription and executing ad hoc scans as needed
  • Collaborate and contribute to the automation of scanning and reporting processes where possible
  • Advise cyber security leadership on the latest vulnerability management trends
  • Work with infrastructure teams on prioritizing patching of vulnerable services
  • Weekly review of progress against the above goals, identification of new goals and summary of activity

Qualifications

  • Looking for a VM analyst with Qualys and Kenna experience (focus on reporting and being able to explain remediations)
  • Experience with Qualys Agent deployment
  • Ideally would have scripting/API experience as well
  • Bachelor's Degree or at least 5 years of Vulnerability Management and/or cyber security experience
  • Experience utilizing vulnerability scanning tools such as Qualys, Tenable Security Center, Nessus, and Fortify
  • Understanding of vulnerability management methodologies and procedures, as well as application and infrastructure vulnerability scanning solutions
  • Familiar with cyber security frame works such as NIST and ISO 27001
  • Experience in maturing vulnerability management programs with a focus on understanding of risk prioritization
  • Understanding of enterprise architecture and infrastructure (e.g., Server, Network, Workstation, Cloud, etc.)
  • Familiarity with patching processes and the systems used such as SCCM
  • Professional oral and written communication skills
  • Experience implementing vulnerability identification solutions for hybrid cloud environments and containers
  • Strong teamwork and interpersonal skills with a focus on problem solving and troubleshooting

This is a Vaco employment opportunity aligned to MorganFranklin's cybersecurity offering (Vaco LLC, dba "MorganFranklin Cyber").

Apply
Drop files here browse files ...

Related Jobs

November 18, 2020

Author: