Security/Vulnerability Engineer

2 weeks ago

Chicago, United States Saxon Global Full time

Main thing is the manager is not seeing candidates with end point security experience.

The manager also doesn't want someone with short tenures at projects.

This is a hybrid onsite role. 2 days a week. One day in Mount Prospect and the other day you can choose to work in the Chicago office or Mount Prospect office.

Role: Security/Vulnerability Engineer
Duration: 6 months with extension
Location: Chicago, IL
Interview: Video
Client: United Airlines

Seeking an experienced senior level engineer with enterprise expertise in detecting, remediating and mitigating end point security vulnerabilities, extensive testing and supporting of critical applications and operating systems/updates against security vulnerabilities. Experience with evaluating business needs and then performing the following based on those needs: engineering a complete and secure end user experience, coordinating user acceptance testing, documenting, and engineering solutions based on discoveries of vulnerabilities, implementation and maintenance of security benchmark standards.

Engineer will be working closely with various IT teams to mitigate security risks per corporate standards and SLAs. This position requires both technical as well as a non-technical policy-based skillset.

MAJOR DUTIES AND RESPONSIBILITES

  • Manage a test group of over 1,000 end points to include alpha testing of new patches, application updates, operating systems, etc. This group consists of workstations/laptops from every enterprise LOB which has always been a significant litmus test for a new application rollout post packaging/UAT testing. Applications and scope have included (but not limited to) Java, Adobe Reader, Edge Chromium, Chrome, Firefox, WinSCP, Notepad++, Windows monthly OS patching and new feature functionality testing. Hardware vulnerability analysis is also in scope. Responsibilities related to above include planning and coordinating application version releases, ongoing meetings, reporting results, troubleshooting, discussions with developers/vendors regarding upgrades, etc. Prioritization of vulnerability remediations which includes mitigation strategies while simultaneously preventing productivity outages.
  • Candidate will work towards proactively providing an endpoint environment that is sufficiently hardened against vulnerabilities along with assuring that engineering efforts adhere to established corporate policy.
  • Implementation of best practices for hardening an endpoint environment including security framework standards (STIG/NIST/CIS).
  • Proactively detect and analyze system, applications, code, and hardware weaknesses pre-production. Make remediation and mitigation recommendations accordingly.
  • Ability to prepare and participate in corporate risk projects as well as IT audits related to PCI, HIPPA, etc. as necessary.
  • Understanding personal and team roles, contributing to a positive work environment by building solid relationships with team members, proactively seeking guidance, clarification, and feedback.
  • Apply enterprise vision and standards to all projects. Prepare detailed documentation of all engineered work and solutions.
QUALIFICATIONS FOR THE JOB Education: Bachelors, Current industry certifications and/or Equivalent experience

Experience:
  • 5+ years of experience providing engineering and operational direction as well as support of desktop infrastructure in a large enterprise environment required.
  • Detection, prioritization, and mitigation strategies for CVE vulnerabilities on end point systems (including OS, 3rd Party Applications, GPOs, Registry modifications, etc.)
  • Successful track record on implementation of security benchmarks STIG/NIST/CIS settings for an enterprise with minimal user impact.
  • Engineering with focus on the key security concepts of Confidentiality, Integrity and Availability.
  • Extensive regression testing for enterprise core applications, monthly critical security patches, OS updates, etc.
  • Broad infrastructure technology concepts around software, hardware, networking, applications, end user interfaces, virtualization, business continuity, PCI compliance, internal auditing, reporting and total cost of ownership.
  • Excellent technical knowledge and aptitude in the following areas: Active Directory, Workspace One, SCCM, GPOs, Windows 11, Windows 10, Kiosks, Virtual, Mobility, Reporting, strong documentation, and analytical skills.
Preferred skills include:
  • Qualys/Nessus (or equivalent vulnerability detection systems), Cisco Malware Analytics, Injection Hunter, Encryption Technologies, CVE database, CrowdStrike, etc.
  • Airline experience is ideal
  • Some knowledge of application packaging and PowerShell Interpretation is ideal.

  • SeniorCybersecurity Engineer- Vulnerability Mgmt

    5 days ago

    Chicago, Illinois, United States Grubhub Full time

    About The Opportunity We're all about connecting hungry diners with our network of over 300,000 restaurants nationwide. Innovative technology, user-friendly platforms and streamlined delivery capabilities set us apart and make us an industry leader in the world of online food ordering. When you join our team, you become part of a community that works...

  • Senior Cybersecurity Engineer

    5 days ago

    Chicago, United States Grubhub Full time

    Grubhub Security is charged to deliver tailored solutions which provides a safe and trustworthy experience for our users and more than 31.5 million customers. We are committed to maintaining the highest standards of security and compliance in all aspects of our operations. We pride ourselves on innovation, integrity, and a dedication to safeguarding our...

  • Senior Cybersecurity Engineer

    4 days ago

    Chicago, United States Grubhub Full time

    Grubhub Security is charged to deliver tailored solutions which provides a safe and trustworthy experience for our users and more than 31.5 million customers. We are committed to maintaining the highest standards of security and compliance in all aspects of our operations. We pride ourselves on innovation, integrity, and a dedication to safeguarding our...

  • Vulnerability Analyst

    5 days ago

    Chicago, Illinois, United States TEKsystems Full time

    Description: What You'll doIn this role, you'll contribute to the success of the Bank by facilitating the vulnerability management program across IT and the broader organization. You will apply your passion for security and technology to design and operate technical processes to operate vulnerability scanning on a regular frequency, collaborate with...

  • Vulnerability Analyst

    5 days ago

    Chicago, Illinois, United States TEKsystems Full time

    Description: What You'll doIn this role, you'll contribute to the success of the Bank by facilitating the vulnerability management program across IT and the broader organization. You will apply your passion for security and technology to design and operate technical processes to operate vulnerability scanning on a regular frequency, collaborate with...

  • Security Engineer with Security Clearance

    5 days ago

    Chicago, United States TEKsystems co Allegis Group Full time

    You will need to login before you can apply for a job. Security Engineer with Security Clearance Top Skills' Details 1. Secret clearance 2. IAT level III cert 3. 1–4 years for RMF, eMass Job Description The Security Engineer III provides technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and...

  • Vulnerability Scanning Specialist

    5 days ago

    Chicago, United States Bank of America Full time

    Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for...

  • Vulnerability Assessment and Penetration Testing Engineer

    2 weeks ago

    Chicago, United States Motion Recruitment Full time

    A global law firm is looking for a Vulnerability Assessment and Penetration Testing Engineer to join their team. Ideal candidate will have a commanding knowledge of penetration testing concepts and best practices, including the requirements for WhiteHat/ethical hacking. This is a great opportunity for someone with strong leadership and problem-solving...

  • Senior Application Security Engineer

    2 weeks ago

    Chicago, United States Informatic Technologies Full time

    One of our Financial Clients is looking to hire a Sr. Application Security Engineer on a Fulltime basis. If you are someone who is keen on Security and has the patience and skills to perform advanced manual security assessments this role is for you. 12+ years' experience performing security assessments of a wide variety of systems, applications and...

  • Senior Application Security Engineer

    3 weeks ago

    Chicago, United States Informatic Technologies, Inc. Full time

    One of our Financial Clients is looking to hire a Sr. Application Security Engineer on a Fulltime basis. If you are someone who is keen on Security and has the patience and skills to perform advanced manual security assessments this role is for you.12+ years' experience performing security assessments of a wide variety of systems, applications and...

  • Senior Application Security Engineer

    2 weeks ago

    Chicago, United States Informatic Technologies Full time

    One of our Financial Clients is looking to hire a Sr. Application Security Engineer on a Fulltime basis. If you are someone who is keen on Security and has the patience and skills to perform advanced manual security assessments this role is for you. Do not wait to apply after reading this description a high application volume is expected for this...

  • Senior Application Security Engineer

    3 weeks ago

    Chicago, United States Informatic Technologies, Inc. Full time

    One of our Financial Clients is looking to hire a Sr. Application Security Engineer on a Fulltime basis. If you are someone who is keen on Security and has the patience and skills to perform advanced manual security assessments this role is for you.12+ years' experience performing security assessments of a wide variety of systems, applications and...

  • Senior Application Security Engineer

    3 weeks ago

    Chicago, United States Informatic Technologies, Inc. Full time

    One of our Financial Clients is looking to hire a Sr. Application Security Engineer on a Fulltime basis. If you are someone who is keen on Security and has the patience and skills to perform advanced manual security assessments this role is for you.12+ years' experience performing security assessments of a wide variety of systems, applications and...

  • Security Engineer III

    1 month ago

    Chicago, United States Paragontech Full time

    If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Security Engineer III Full Time Scott AFB, IL, US 9 days ago Requisition ID: 1071 The Security Engineer III provides technical support in the areas of vulnerability assessment, risk assessment, network...

  • End Point Security Engineer

    4 days ago

    Chicago, United States US Tech Solutions Full time

    Duration: 12 months contract (with Possible Extension) Full-TimeEmployment Type: W-2Job Description:Updates: 1) HYBRID POSITION - Currently 2 days per week, but that might increase to 3 or more at some point. Standard office days are Wednesday and Thursday.Some team members often have things come up that require them to be at another location on one or both...

  • Lead Security Engineer

    2 weeks ago

    Chicago, United States Informatic Technologies Full time

    The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams). Additionally, the individual will provide application design support and...

  • Lead Security Engineer

    2 weeks ago

    Chicago, United States Informatic Technologies Full time

    The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams). Learn more about the general tasks related to this opportunity below, as well...

  • Associate Cybersecurity Engineer

    6 days ago

    Chicago, United States Evolve Security Full time

    Job DescriptionJob DescriptionWhat will you be doing?Evolve Security is looking for an Web and Mobile Application focused Associate Cybersecurity Engineer to join our growing team. This position will assist with the overall successful delivery of various application vulnerability assessments, continuous internal / external penetration assessments, incident...

  • Lead Security Engineer

    2 weeks ago

    Chicago, United States Informatic Technologies Full time

    The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams). Additionally, the individual will provide application design support and...

  • Lead Security Engineer

    3 weeks ago

    Chicago, United States Informatic Technologies, Inc. Full time

    The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams).Additionally, the individual will provide application design support and...