Vulnerability Management Engineer

Overview:

We are CONNECTING HEALTH AND WEALTH. Come be part of remarkable.

How you can make a difference

Highly proficient knowledge of security controls based on industry information security standards (NIST Cybersecurity Framework, ISO27001/2, and CIS Top 20 Controls). Reports to the Director, Security Technology and Tools and works collaboratively with technology and business SMEs and corresponding leadership

• Reviewing and analyzing vulnerability data to identify trends and patterns.
• Facilitating meetings as part of the Vulnerability Management processes, as needed.
• Advising and assisting Vulnerability Remediation Team(s) on prioritization of vulnerability remediation.
• Performing risk-based technical assessments on technical vulnerabilities.
• Assist Vulnerability Remediation teams to develop remediation plans.
• Lead new technologies to ensure a comprehensive security tool stack configuration to address threats and gaps.
• Experience implementing and performing security risk assessments for on-premise and cloud-based services
• Build and present cases on new technologies to address new and emerging risks, as well as gaps identified by external and internal assessors.
• Lead security controls and requirements identification for large and small technology and business initiatives. Strong IT risk, security and compliance experience to drive structured analysis.
• Experience in and ability to lead security metrics consolidation and development efforts to measure the Cybersecurity program status according to plan.
• High proficiency with leading information security frameworks and best practices (NIST Cybersecurity Framework, ISO27001/2, and CIS Top 20 Controls), and experience applying frameworks to identify appropriate security measures
• Automation, scripting, and business intelligence experience a must (PowerShell, Python, PowerBI, Tableau, and API configuration experience) highly preferred.
• Strong experience with Cybersecurity policy and standard updates and ability to self-manage updates with no supervision
• Build strong relationships with other technical personnel so that they are willing to reach out for your opinion / thoughts / insight on security things
• Contribute to the overall direction/mission/purpose of the Technical Security team
• Assist in the identification, design, and implementation of security tools that build customer trust in Technical Security services
• Assist in the identification, design, and implementation of security tools that enable the identification of "concerning" activity around technical services.

• 4+ years of experience for an engineer-level role
• Experience with Vulnerability Management processes.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of application vulnerabilities.
• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Experience in consulting, advisory or assessment work preferred
• CISSP or similar security certification preferred
• Excellent interpersonal skills including the ability to interact efficiently with individuals at all levels; both internal and external
• Lead multiple tasks/projects simultaneously within inflexible time frames
• Ability to adapt to frequent priority changes
• Self-motivated with strong organizational skills and superior attention to detail
• Possess an in-depth knowledge of securing organizations, cloud-based resources, networks, systems, databases, applications, and processes
• Capable of developing strong collaborative working relationships with internal partners and able to effectively engage and build consensus among cross-functional teams
• Demonstrate excellent communication and listening skills
• Operates with a commitment to customer service excellence
• Possess a sincere desire to learn, grow, and go beyond personal capabilities

#LI-Remote

This is a remote position.

Salary Range: $92000.00 To $142000.00 / year

Benefits & Perks:

The compensation range describes the typical minimum or maximum base pay range for this position. The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:

• Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Uncapped paid time off
• Adventure accounts
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education & tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives

Come be your authentic self:

Why work for HealthEquity

Click here to learn more.

Come be your authentic self

HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity’s applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.