Remote across Canada 12 Months + Contract Bilingual (French/English)
Ideally we are looking for someone who is well organized, has cyber security knowledge but does not need to have a university degree Requis: Work with Incident Response teams to improve cyber defense capability; Familiarity with vulnerability assessment tools; Responding to virus, malware, spam outbreaks as needed; Ability to convey security risks in a concise and clear manner; Familiar with a complex IT environment; Ability to adapt to emergency situations,, while maintaining confidentiality, and a professional image; Must possess strong logical, critical thinking and problem solving skills;
We need this temporary resource because UTC introduced a new vulnerability detection tool and until we have a better way to manage the newly found vulnerabilities, we need some help consuming all of this data.
The contractors job would simply be to work with our team to chase down vulnerability remediation once we have identified the assets which are vulnerable.
So basically he or she would contact the IT person responsible for the asset with a vulnerability, help them understand what the vulnerability is and track the vulnerability to completion. Vulnerability Remediation Specialist Summary The Vulnerability Remediation Specialist seeks out weaknesses in the companys infrastructure (systems, applications, and networks) and finds creative ways to protect it. Responsible for analyzing attack and vulnerability data and recommending changes to management (not authorizing and implementing changes).Works with security engineers, administrators, and developers (whose primary roles are to ensure that systems are working as designed [e.g., make changes, apply patches, and set up new admin users]). Prior experience coordinating efforts between various IT and security teams is a plus Key Responsibilities Drive remediation of security risks including tracking of issues and action plans, and partnering with patch coordination teams, technology/application owners, and business areas to prioritize and enhance remediation efforts Lead technology vulnerability remediation efforts through cross functional working committees Manage enterprise vulnerability assessment and configuration assessment tools Research industry best practices for most effective tactical security practices Group and prioritize remediation findings in a manner that increases efficiency Assess implementation efforts required for successful testing and deployment of remedial actions Track attestation of controls and update attack surface reporting data Identify operational roadblocks to ensure timely remediation and countermeasures Minimum Qualifications BS degree in Computer Engineering or Computer Science or a technical field preferred CEH, ECSA, GSECIHIAGIAC, CISSP certifications desired 7+ years of experience in two or more of the following: network vulnerability assessments, web application security testing, network penetration testing, red teaming, or security operations Experience with security risk assessment, vulnerability triaging, and remediation Strong understanding of Windows, UNIX, and Linux operating systems functions and security Experience with Windows environments and Active Directory concepts Knowledge of applications, database, and web server design and implementation Ability to clearly convey results in formal technical reports and deliver briefings to senior staff Desired Qualifications
Current CISSP certification Broad IT experience spanning multiple disciplines Web application security principles Working knowledge of Secure Development Lifecycle