Security Engineer II - Security Vulnerability Management Engineer

    SPECTRUM
    Greenwood Village, CO 80121
    Full-time, Part-time
    Refer friends, get paid!

    Job Description

    JOB SCOPE

    Responsible for engineering activities that evaluate cyber security risk and potential security threats to the company's ISP, Video, Voice, software and cloud systems. This position will work closely with network engineering, video engineering, product groups and technical operations staff performing cyber security Vulnerability Assessment through Vulnerability and Compliance scanning, Static Application Security Testing, and Dynamic Application Security Testing. Ensuring proper reporting of vulnerabilities, coordinating the notification, tracking and validation of the response to mitigate and remediate the threat to Charter's networks.
    Engineer will be a part of a team that conduct's Risk and Threat Management processes for network security operations and communicates to executive leadership.

    DUTIES AND RESPONSIBILITIES
    • Implement, maintain and monitor Vulnerability Management for Charter's service delivery networks and systems.
    • Actively advises on and evaluates the impact of security, compliance and application vulnerabilities.
    • Performs analysis to ensure proper coverage of vulnerability assessment tools and programs.
    • Performs analysis to identify appropriate system owners.
    • Coordinates with the Risk Assessment team to ensure all security risk assessments have supporting vulnerability data.
    • Recommend and implement processes and tools to expand the coverage of the vulnerability management program
    • Perform and coordinate engagements with 3rd party service providers to perform ongoing security testing on critical assets.
    • Ensure compliance with security standards, policies and procedures.
    • Adhere to industry specific local, state, and federal regulations, as applicable.
    BASIC / MINIMUM QUALIFICATIONS
    • Bachelor's Degree in Information Security or related field and/or equivalent work experience
    • Minimum of three (3) years IT/Network Engineering experience
    • Minimum of three (3) years Information Security experience
    ADDITIONAL JOB QUALIFICATIONS
    • Demonstrate strong communication skills, both verbal and written with the ability to document, prepare and present data-driven presentations to senior level Engineers and Director audiences.
    • Experience in a relevant security Discipline such as: Vulnerability Assessment, Remediation Management, Application Security Assessment, or Security Compliance Assessment.
    • Demonstrated skills and knowledge of security concepts including TCP/IP, Network and System vulnerabilities, Basic security controls (e.g. firewalls, access lists, authentication, vulnerability scanning, intrusion detection), Basic security procedures (patching, system hardening or etc), Risk vs vulnerability vs threat.
    • Fundamental skills and knowledge of industry specifications and standards such as ISO, NIST, OWASP, RFC, IEEE, ANSI.
    • Fundamental understanding of a software development lifecycle, mobile applications, scripting languages and public and private cloud environments.
    • Fundamental ability to utilize Microsoft Office tools, especially Excel and Word, with the ability to document, prepare and present data-driven summaries.
    • Ability to utilize and interpret packet capture tools for troubleshooting such as: TCPDump, Wireshark.
    • Knowledge of network and system security vulnerabilities and exploits.
    • Must be a problem solver, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change.
    • Understanding of "ownership" of a project/program and the ability to execute on that with accountability
    • Exhibit leadership skills working with cross-functional teams
    PREFERRED QUALIFICATIONS
    • One or more of the following relevant Security training/certifications: Security Fundamentals, Security Technologies Certificates, Sec+ or introductory security certification
    • Experience with Vulnerability and Compliance Assessment tools such as Tenable, Qualys, InsightVM
    • Experience with Static Application Security Testing Tools such as CheckMarx or Veracode


    Salaries depend on geography, experience, and education; negotiations begin at $61400

    For more information on Spectrum's benefits, please click here.
    Posting ID: 615408439Posted: 2021-03-29