Sr. Security Engineer

Qualifications:
5+ years of experience in Qualys (VMDR), Policy Compliance and Vulnerability Management.
Scripting experience with PowerShell, python, rest API.
Experience developing reports in MS PowerBI.
Experience working with IoT/OT technology.
Working knowledge of cloud environments such as AWS, GCP, and Azure.
Bachelor’s degree in information security, Information Technology or Computer Science.
Knowledge of vulnerability management, policy compliance, and web application scanning solutions.
Basic understanding of regulatory structures such as PCI, PII, and GDPR.
Creative and adaptive work ethic, with a strong customer-oriented attitude.
Ability to clearly communicate and present to various levels of the organization.
Strong organizational and analytical skills with attention to detail
Independent and self-motivated and very thorough work ethic
Your Responsibilities in this Role:
Providing remediation guidance and recommendations and coordinate with the Technology organization, IT and other teams as needed to provide oversight to the remediation and/or mitigation of enterprise vulnerabilities. 
Building and growing a next-generation vulnerability management program.
Extensive Windows, Mac, and Linux experience and common configuration deficiencies
Thorough understanding of desktop, server, application, database, and network security hardening principles and practices for threat prevention
Develop vulnerability reports and scorecards that define the current state of the corporate network security risk posture.
Perform research and analysis of scheduled and on demand vulnerability assessments and post results.
Research exploit techniques and mitigation strategies.
Perform analysis of asset and vulnerability information to identify risks that were not discovered via automated scanning.
Troubleshoot issues that may occur during automated network scanning, and or agent scans.
Review public and private vulnerability notifications/disclosures, consume research findings and prioritize remediation efforts.
Integrate vulnerability management tools with other systems, such as CMDB, SIEM, and Archer, PowerBI.
Assist with implementing policy compliance tools to monitor compliance against CIS and other industry related benchmarks.
Assist with implementation of IoT and OT security solution to discover and secure unmanaged assets.
Develop rules to identify non-compliant resources in our cloud environments and create automations to remediate the non-compliant resources.