MetroSys Inc
About the Role
MetroSys is seeking a skilled
Information Security Engineer II
to support and lead efforts around
vulnerability management
within a dynamic, enterprise-scale environment. This individual will be instrumental in identifying and addressing security vulnerabilities across systems, networks, and applications. The ideal candidate brings a deep understanding of vulnerability scanning tools, remediation prioritization, and collaborative risk mitigation strategies. You will work closely with cross-functional teams to enhance the organizations security posture and help ensure compliance with industry standards. If you thrive in fast-paced environments and are passionate about cybersecurity, this is an exciting opportunity to grow and make an impact. Key Responsibilities
Lead the end-to-end
vulnerability management lifecycle : scanning, analysis, prioritization, reporting, and remediation tracking.
Perform regular
vulnerability assessments
and support remediation efforts in collaboration with infrastructure and application teams.
Track and assess emerging threats and zero-day vulnerabilities using vendor bulletins and threat intelligence feeds.
Generate reports and dashboards to communicate risk posture and mitigation progress to technical and executive stakeholders.
Maintain and optimize vulnerability scanning tools to ensure full visibility and accurate detection across the environment.
Assist in
security incident response
involving known or suspected exploited vulnerabilities.
Support regulatory and compliance audits (e.g.,
PCI, NIST, HIPAA ) by providing documentation and metrics.
Continuously improve processes, documentation, and tooling in the vulnerability management program.
Qualifications
Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
3+ years of experience
in information security, with a strong emphasis on vulnerability management.
Hands-on experience with scanning tools (e.g., Tenable, Qualys, Rapid7).
Solid understanding of
network architecture ,
operating systems
(Linux, Windows), and
web applications .
Familiarity with
CVSS scoring , risk modeling, and remediation prioritization frameworks.
Ability to work with scripting or automation tools (Python, PowerShell, Bash) is a plus.
Excellent communication and problem-solving skills; ability to clearly explain security findings to non-security audiences.
Experience with compliance frameworks such as
PCI DSS, NIST, HIPAA , or
ISO 27001 .
Relevant certifications are a plus (e.g.,
CISSP, Security+, LFCS, RHCSA ).
#J-18808-Ljbffr
MetroSys is seeking a skilled
Information Security Engineer II
to support and lead efforts around
vulnerability management
within a dynamic, enterprise-scale environment. This individual will be instrumental in identifying and addressing security vulnerabilities across systems, networks, and applications. The ideal candidate brings a deep understanding of vulnerability scanning tools, remediation prioritization, and collaborative risk mitigation strategies. You will work closely with cross-functional teams to enhance the organizations security posture and help ensure compliance with industry standards. If you thrive in fast-paced environments and are passionate about cybersecurity, this is an exciting opportunity to grow and make an impact. Key Responsibilities
Lead the end-to-end
vulnerability management lifecycle : scanning, analysis, prioritization, reporting, and remediation tracking.
Perform regular
vulnerability assessments
and support remediation efforts in collaboration with infrastructure and application teams.
Track and assess emerging threats and zero-day vulnerabilities using vendor bulletins and threat intelligence feeds.
Generate reports and dashboards to communicate risk posture and mitigation progress to technical and executive stakeholders.
Maintain and optimize vulnerability scanning tools to ensure full visibility and accurate detection across the environment.
Assist in
security incident response
involving known or suspected exploited vulnerabilities.
Support regulatory and compliance audits (e.g.,
PCI, NIST, HIPAA ) by providing documentation and metrics.
Continuously improve processes, documentation, and tooling in the vulnerability management program.
Qualifications
Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
3+ years of experience
in information security, with a strong emphasis on vulnerability management.
Hands-on experience with scanning tools (e.g., Tenable, Qualys, Rapid7).
Solid understanding of
network architecture ,
operating systems
(Linux, Windows), and
web applications .
Familiarity with
CVSS scoring , risk modeling, and remediation prioritization frameworks.
Ability to work with scripting or automation tools (Python, PowerShell, Bash) is a plus.
Excellent communication and problem-solving skills; ability to clearly explain security findings to non-security audiences.
Experience with compliance frameworks such as
PCI DSS, NIST, HIPAA , or
ISO 27001 .
Relevant certifications are a plus (e.g.,
CISSP, Security+, LFCS, RHCSA ).
#J-18808-Ljbffr