Vulnerability Management Engineer (REMOTE OPPORTUNITY)

Location
Hoover, Alabama
Salary
Open
Posted
Sep 13, 2023
Closes
Oct 14, 2023

Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.

Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law. Such information will be stored in accordance with regulatory requirements and in conjunction with Regions' Retention Schedule for a minimum of three years. You may review, modify, or update your information by visiting and logging into the careers section of the system.

Job Description:

Primary Responsibilities

  • Conducts penetration tests and vulnerability assessments against a wide array of applications, technologies and platforms
  • Understands, reviews, and interprets vulnerability assessment and scanning results, reduce false positive findings, and act as security advisor to business unit partners
  • Creates detailed risk assessment reports which explain identified technical and logical security findings, describes potential business risks, and presents prioritized recommendations
  • Contributes to the ongoing enhancement of the company's security assessment capabilities through the development and implementation of improved methodology, processes, infrastructure, tools, and deliverables
  • Collaborates and shares knowledge with team members via formal and informal methods on a regular basis
  • Maintains knowledge with current emerging technologies and advancements within Information Security
  • May provide expertise and solutions for others as a subject matter expert

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay. 

Requirements

  • High School Diploma or GED and eight (8) years of related post-secondary education and/or experience in Information Security or Information Technology

Preferences

  • Bachelor's degree in a related field
  • Familiarity with Metasploit, Contrast, AppSpider, Burp Suite, ZAP, and PumaScan.
  • Scripting with Python, Ruby, PowerShell, BASH, or similar languages
  • Understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, spidering, application flow charting, and session analysis.

Skills and Competencies

  • Ability to research, analyze data, and derive facts
  • Familiarity with automated tools used to discover system and web application vulnerabilities such as Nmap, Nexpose, Nessus, WebInspect, or Fortify
  • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) or Open Web Application Security Project (OWASP) Risk Rating Methodology
  • Strong technical skills related to at least one of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security
  • Strong verbal, written communication, and organizational skills
  • Strong work ethic and self-motivation

    Manage infrastructure scans and vulnerability assessment initiatives from project initiation to completion, optimizing the use of tools like insightVM and Qualys

    Skills and Competencies

    • Ability to research, analyze data, and derive facts
    • Familiarity with automated tools used to discover system and web application vulnerabilities such as Nmap, Nexpose, Nessus, WebInspect, or Fortify
    • Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) or Open Web Application Security Project (OWASP) Risk Rating Methodology
    • Strong technical skills related to at least one of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security
    • Strong verbal, written communication, and organizational skills
    • Strong work ethic and self-motivation

    Position Type

    Full time

    Compensation Details

    Pay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job.

    The target information listed below is based on the national range and level of the position.

    Job Range Target:

    Minimum:

    $94,239.50 USD

    Median:

    $137,120.00 USD

    Incentive Pay Plans:

    Benefits Information

    Regions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.

    • Paid Vacation/Sick Time
    • 401K with Company Match
    • Medical, Dental and Vision Benefits
    • Disability Benefits
    • Health Savings Account
    • Flexible Spending Account
    • Life Insurance
    • Parental Leave
    • Employee Assistance Program
    • Associate Volunteer Program

    Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time. To learn more about Regions' benefits, please click or copy the link below to your browser.


    https://www.regions.com/welcometour/benefits.rf

    Location Details

    Riverchase Operations Center

    Location:

    Hoover, Alabama

    Bring Your Whole Self to Work  

       

    We have a passion for creating an inclusive environment that promotes and values diversity of race, color, national origin, religion, age, sexual orientation, gender identity, disability, veteran status, genetic information, sex, pregnancy, and many other primary and secondary dimensions that make each of us unique as individuals and provide valuable perspective that makes us a better company and employer. More importantly, we recognize that creating a workplace where everyone, regardless of background, can do their best work is the right thing to do.

       

    OFCCP Disclosure: Equal Opportunity Employer/Disabled/Veterans