*Tenable SC/Nessus*

We are hiring an Security Engineer with deep Threat Vulnerability Management (TVM) experience for a long term contract consultancy working hybrid on-site 1-2 days per week in midtown Manhattan.

In a very hands-on capacity you will responsible for the support and administration of several core network security tools... interesting projects, very professional and high-end environment. There is the possibility of converting to full-time after 6-9 months. You will assist in the management of the company wide TVM program and also perform targeted risk assessments.

In summary you will be responsible for the implementation, engineering, and management of security initiatives related to the end-point devices, evaluation and adoption of new systems.

TVM work will include:

• Meet regularly with the various SME’s to ensure vulnerabilities are patched in accordance with the Threat and Vulnerability Management procedures
• Escalate aged vulnerabilities
• Provide technical guidance to owners to document a Risk Acceptance for aged vulnerabilities
• Assist with effort to automate the TVM process
• Prepare monthly TVM RAS metrics
• Prepare reports for aged vulnerabilities
• Improve the TVM program to work more effectively and efficiently

Targeted risk assessment work will include:

• Evaluate applications and/or hardware assets to be assessed based on the inherent risk rating as well as other external factors
• Plan and document the scope of the assessment
• Inform the asset owner of the assessment in advance
• Document the results of the assessments, including Observations and/or MSII’s
• Report the results of the assessments
• Maintain/revise the Targeted Risk Assessment Procedure and improve the document

Requirements include:

• Hands-on experience focused on managing Vulnerability Management solutions, including knowledge of Tenable/Nessus vulnerability scanning tools
• Endpoint management and best practices.
• Good Project Management skills
• Palo Alto Firewall administration, network security, operations and management best practices.
• Basic network design and infrastructure
• Active Directory and Group Policy.
• Knowledge of enterprise patching / software rollouts is a must and IBM BigFix experience is preferred.
• Tenable training and CISSP strongly preferred.
• Completed Bachelor’s degree with Computer Science or related (math, engineering,...) course of study

Looking for more jobs near me. Find your favorite job now by visiting our jobs page.