Vulnerability Management Engineer

Summary

Join GuidePoint Security as a Vulnerability Management Engineer and become part of a team delivering services to diverse clients. This remote position, preferably based in the Mid-Atlantic region, focuses on the vulnerability management lifecycle. You will execute vulnerability scans, design scanning infrastructure, analyze vulnerabilities, advise clients on best practices, and develop custom compliance files. The role requires extensive experience with Tenable Nessus and Security Center, along with scripting and cloud platform knowledge. GuidePoint offers competitive benefits, including comprehensive health insurance, paid time off, and a retirement plan.

Requirements

• 5+ years of information security experience
• 3+ years of vulnerability engineering experience with Tenable
• 3+ years of performing compliance scanning with Tenable (CIS, NIST, DISA)
• Experience developing custom compliance and audit checks with Tenable Nessus
• Must have experience with Tenable.io or Tenable Security Center
• Experience with scripting tasks using native tools such as BASH, PowerShell, Python, or other native scripting languages
• Experience with Regex for data parsing
• Experience with cloud service providers such as Amazon AWS, Microsoft Azure, or Google Cloud Platform
• Experience with compliance frameworks such as CIS, NIST, DISA
• An understanding of operating systems such as Windows Server, Windows 10/7, Mac OSX, RHEL, and Ubuntu Linux and the ability to perform advanced functions at the CLI
• Ability to manage time independently while handling multiple projects concurrently
• Strong written and verbal communication skills
• A strong desire to learn new technologies and contribute to a fast-growing company

Responsibilities

• Execute and manage vulnerability scanning of internal, external, and cloud assets
• Plan, design, and implement enterprise vulnerability scanning infrastructure in a hybrid or multi-cloud architecture
• Deploy vulnerability management infrastructure such as scanners, sensors, and agent configurations
• Perform vulnerability scanning with the Tenable Nessus
• Analyze vulnerabilities and clearly communicate impact and risk to the organization
• Advise customers on Vulnerability Management best practices
• Development of custom compliance and audit files for tenable compliance scanning
• Provide guidance and collaborate with peers on the Vulnerability Management practice team
• Establish credibility as a trusted advisor to our customers

Preferred Qualifications

• Experience developing Infrastructure as Code, such as Terraform, or Cloud Formation
• Experience with Kubernetes, containers, Ci/CD or serverless

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option