[Remote] Experienced, Information Security Engineer
Note: The job is a remote job and is open to candidates in USA. Gainwell Technologies is a company that focuses on improving health and well-being through leading-edge technologies. The role involves conducting scans, analyzing results, performing risk assessments, and guiding remediation efforts for complex security vulnerabilities across various environments.ResponsibilitiesDevelops reports, dashboards, and alerts to automate tasks (Python, PowerShell), and track metricsWorks with IT Operations, SOC, GRC, Third-Party vendors and leadership to align vulnerability management with broader security, manage compliance, and brief leadershipMonitor threat landscape, analyze new vulnerabilities (NVD, MITRE), and provide proactive guidanceIdentifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment toolsProvides complex engineering analysis and support for firewalls, routers, networks and operating systems. Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment. Reacts to and initiates corrective action regarding security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting securityOversees user access process to ensure operational integrity of the system. Enforces the information security configuration and maintains system for issuing, protecting, changing and revoking passwordsDevelops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Develops, implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunicationsPerforms complex product evaluations, recommends and implements products/services for network security. Validates and tests complex security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologiesReviews, recommends and oversees the installation, modification or replacement of hardware or software components and any configuration change(s) that affects securityProvides complex technical oversight and enforcement of security directives, orders, standards, plans and procedures at server sites. Ensures system support personnel receive/maintain security awareness and trainingAssesses the impact on the business unit/customer caused by theft, destruction, alteration or denial of access to information and reports to senior managementProvides leadership and work guidance to less experienced personnelSkillsExperience working with vulnerability management/infosec (or equivalent experience)Expert Knowledge with scanners (Tenable, Qualys, Rapid7)Proficiency with authenticated scanning, agent vs network scanning, discovery, segmentation constraintsProficiency with CSPMKnowledge of OS (Win/Linux/macOS), cloud security, databases, and networkingProficiency with CVE, CVSS, MITRE ATT&CK, FISMA, CISA directivesStrong risk analysis, root cause identification, and data analysisExcellent communication, leadership, and ability to explain complex risks to diverse audiencesBenefitsGenerous, flexible vacation policy401(k) employer matchComprehensive health benefitsEducational assistanceLeadership and technical development academiesCompany OverviewGainwell Technologies is a provider of Information Technology & Services. It is a sub-organization of Veritas Capital. It was founded in 2009, and is headquartered in Irving, Texas, USA, with a workforce of 10001+ employees. Its website is https://www.gainwelltechnologies.com/.