State of South Carolina
Vulnerability Remediation Engineer - 60019509
State of South Carolina, Columbia, South Carolina, us, 29228
Vulnerability Remediation Engineer
The Department of Administration's Office of Technology and Information Services is the state’s central provider of IT services to state government agencies. We are seeking a talented Vulnerability Remediation Engineer to join our team. This role is an integral part of our Vulnerability Remediation/Service Monitoring team comprised of a group of highly skilled engineers. This position will assist the Division of Technology Operations (DTO) Shared Services team in implementing industry security best practices and statewide security programs established by Division of Information Security (DIS) including vulnerability management and configuration management. This position plays a critical role for improving the organizations security posture and ensuring compliance. If you thrive on ensuring secure infrastructure and are looking to make an impact within a complex environment, this position is for you!
This position is onsite in beautiful Columbia, South Carolina.
Responsibilities
Lead DTO Shared Services operational teams in the adoption of the statewide security programs and other industry best practices to include the vulnerability management and configuration management in conjunction with DIS.
Continually audit and drive remediation of the Share Services environment using the statewide vulnerability management platform and other tools as needed.
Coordinate IT Security audits and remediations among the DTO Shared Services teams and supported agencies as needed concerning regulatory and state-level assessments.
Work with DIS staff and agencies to develop Plan of Action & Milestones concerning Shared Services for defining, tracking, and reporting on the progress of remediation actions.
Develop documentation where necessary with Shared Services teams to demonstrate remediation of findings and compliance with state and regulatory requirements.
Other duties as assigned. May serve on committees, boards, panels, teams, projects or as representative of the agency.
Qualifications
A bachelor's degree in an information technology or information security related field. Four (4) years of relevant work experience may be substituted in lieu of education.
Two (2) years of experience in supporting vulnerability management for large IT environments.
Additional Requirements
Hands on operational experience with vulnerability management tools (e.g. Qaulys, Tenable, Rapid7) including the ability to architect, deploy, configure, and operate.
Understanding of various operating systems including Windows and Linux.
Ability to report issues clearly and efficiently communicate vulnerability severity to various stakeholders.
Strong written and verbal communication skills.
Ability to examine issues both strategically and analytically.
Familiarity with security and risk standards including PCI DSS, NIST, ITIL, CVSS, and MITRE ATT&CK.
Strong understanding of vulnerability management lifecycle and governance.
CISSP or other relevant IT security certification.
Application security, automation/scripting, and/or network security experience.
Transcript Requirement Applicants indicating college credit or degree(s) on the application will be required to bring a copy of a college transcript to the interview. A copy of the transcript may also be uploaded as an attachment to the application, if required by the hiring department or if desired by the applicant. Failure to produce an official, certified transcript may result in not being hired or termination.
EEO Statement The Department of Administration is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions including, but not limited, to lactation), national origin, age (40 or older), disability or genetic information.
Benefits
Health, dental, vision, long‑term disability, and life insurance for employees, spouse, and children.
15 days annual (vacation) leave per year
15 days sick leave per year
13 paid holidays
Paid Parental Leave
S.C. Deferred Compensation Program available
Retirement benefit choices
State Retirement Plan (SCRS)
State Optional Retirement Program (State ORP)
#J-18808-Ljbffr
The Department of Administration's Office of Technology and Information Services is the state’s central provider of IT services to state government agencies. We are seeking a talented Vulnerability Remediation Engineer to join our team. This role is an integral part of our Vulnerability Remediation/Service Monitoring team comprised of a group of highly skilled engineers. This position will assist the Division of Technology Operations (DTO) Shared Services team in implementing industry security best practices and statewide security programs established by Division of Information Security (DIS) including vulnerability management and configuration management. This position plays a critical role for improving the organizations security posture and ensuring compliance. If you thrive on ensuring secure infrastructure and are looking to make an impact within a complex environment, this position is for you!
This position is onsite in beautiful Columbia, South Carolina.
Responsibilities
Lead DTO Shared Services operational teams in the adoption of the statewide security programs and other industry best practices to include the vulnerability management and configuration management in conjunction with DIS.
Continually audit and drive remediation of the Share Services environment using the statewide vulnerability management platform and other tools as needed.
Coordinate IT Security audits and remediations among the DTO Shared Services teams and supported agencies as needed concerning regulatory and state-level assessments.
Work with DIS staff and agencies to develop Plan of Action & Milestones concerning Shared Services for defining, tracking, and reporting on the progress of remediation actions.
Develop documentation where necessary with Shared Services teams to demonstrate remediation of findings and compliance with state and regulatory requirements.
Other duties as assigned. May serve on committees, boards, panels, teams, projects or as representative of the agency.
Qualifications
A bachelor's degree in an information technology or information security related field. Four (4) years of relevant work experience may be substituted in lieu of education.
Two (2) years of experience in supporting vulnerability management for large IT environments.
Additional Requirements
Hands on operational experience with vulnerability management tools (e.g. Qaulys, Tenable, Rapid7) including the ability to architect, deploy, configure, and operate.
Understanding of various operating systems including Windows and Linux.
Ability to report issues clearly and efficiently communicate vulnerability severity to various stakeholders.
Strong written and verbal communication skills.
Ability to examine issues both strategically and analytically.
Familiarity with security and risk standards including PCI DSS, NIST, ITIL, CVSS, and MITRE ATT&CK.
Strong understanding of vulnerability management lifecycle and governance.
CISSP or other relevant IT security certification.
Application security, automation/scripting, and/or network security experience.
Transcript Requirement Applicants indicating college credit or degree(s) on the application will be required to bring a copy of a college transcript to the interview. A copy of the transcript may also be uploaded as an attachment to the application, if required by the hiring department or if desired by the applicant. Failure to produce an official, certified transcript may result in not being hired or termination.
EEO Statement The Department of Administration is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions including, but not limited, to lactation), national origin, age (40 or older), disability or genetic information.
Benefits
Health, dental, vision, long‑term disability, and life insurance for employees, spouse, and children.
15 days annual (vacation) leave per year
15 days sick leave per year
13 paid holidays
Paid Parental Leave
S.C. Deferred Compensation Program available
Retirement benefit choices
State Retirement Plan (SCRS)
State Optional Retirement Program (State ORP)
#J-18808-Ljbffr