Senior Engineer - Information Security

United Global Technologies
-Irving, TX, United States Position Overview

We are seeking an experienced Senior Vulnerability Management Engineer to support the organization's vulnerability management program and strengthen our overall security posture. The successful candidate will be responsible for configuring the platforms and identifying, assessing, prioritizing and coordinating the remediation of security vulnerabilities across our enterprise infrastructure. Expertise in vulnerability management platforms - such as Nucleus Security, Rapid7 Insight

VM, Microsoft Defender, Sentinel One, Service Now, Bit Sight, or similar solutions is essential. This role requires collaboration with cross-functional teams to effectively reduce risk exposure.

Bachelor's Degree, Computer Science, or Information Technology. Relevant experience in lieu of degree might be considered.

• Vulnerability Management
  
  Experience:
  
  Minimum of five years' experience managing vulnerabilities within complex IT environments (cloud, on-premises, hybrid). Comprehensive knowledge of operating systems (Windows, Linux, Unix), networking protocols, cloud platforms (AWS, Azure, GCP). Familiarity with web application vulnerabilities (OWASP Top 10) and application security testing.
• Proficiency with Security Tools:
  Advanced expertise in leading vulnerability management and security platforms, such as Nucleus Security, Rapid7 Insight
  
  VM, Microsoft Defender for Endpoint, Service Now, Bit Sight, or equivalent.
• Executive Reporting:
  Ability to prepare and deliver clear, actionable reports for executive audiences, translating technical findings into business risks and impacts.
• Compliance &
  
  Risk Management:
  
  Strong understanding of regulatory frameworks and experience implementing controls to meet compliance requirements.
• Process Improvement & Automation:
  Demonstrated skill in designing, optimizing, and implementing automated workflows for vulnerability tracking, reporting, and remediation.
• Analytical Thinking:
  Exceptional attention to detail, with a track record of leveraging data analysis to drive security decisions and process improvements.
• Communication &
  
  Collaboration:
  
  Excellent verbal and written communication skills; ability to engage stakeholders at all levels and facilitate training or awareness initiatives as needed.

• Cloud Security Expertise:
  Familiarity with cloud security best practices and emerging threats.
• Project Management:
  Experience managing complex security projects, including tool migrations, integrations, and process enhancements.
• Certifications:
  
  Relevant industry certifications (e.g., CompTIA Security+, CISSP, CISM, or equivalent) are desirable.
• Regex (Regular Expressions):
  Experience using Regex for building automation rules, data parsing, and workflow customization within vulnerability management platforms.
• SQL:
  Basic understanding of SQL for querying, analyzing, and manipulating data as part of reporting or automation tasks.
• Purdue Network Model:
  Familiarity with the Purdue Enterprise Reference Architecture (PERA) or Purdue Model for Industrial Control System (ICS) network segmentation and security.
• Problem-Solving:
  Creative approach to addressing complex security challenges.
• Attention to Detail:
  Precise identification and documentation of security vulnerabilities.
• Security Operations:
  Active participation in incident response activities during exploitation events and coordination with threat intelligence teams to monitor emerging vulnerabilities and threats.
• Continuous Learning:
  Commitment to staying current with evolving threat landscapes and security technologies.

Schedule - 8 to 5P CST Hybrid

Monday, Wednesday and Thursday onsite Tuesday and Friday Remote.

Job will be extended for candidate that is meeting expectations