This job has expired

Compliance and Vulnerability Professional

Employer
HAYS
Location
UK
Salary
Competitive
Closing date
15 Sep 2021

View more

Sector
Technology & New Media
Contract Type
Permanent
You need to sign in or create an account to save a job.
Job function: IT, Systems and Security

Main location: UK & Ireland-United Kingdom-Lancashire-Manchester

Other location: UK-United Kingdom- Ipswich

Schedule: Full-time

Working pattern: Standard

About this role

We conduct the scanning for the Server estate using market leading scanning solutions to detect vulnerabilities and critical misconfigurations to ensure that server deployments are secure. This is achieved by using industry best practices, employing CIS Benchmarks and CIS Controls to achieve this. The Compliance and Vulnerability toolset is also responsible for real-time alerting on zero-day vulnerabilities, compromised assets via benchmark scoring.

You'll have the following responsibilities

• Work as part of a team responsible for the provision of effective server compliance and vulnerability monitoring tool within the estate including PCI environment.

• Creating new and/or amend existing server compliance policies from the CIS Benchmark's and Standard's for Unix/Windows servers for bespoke deployments.

• Work with design teams, server build owners, security standards owners & project managers to review design documents and implement requirements into compliance tools.

• Support to front line operations for implementation and troubleshooting connectivity from target devices to the compliance and vulnerability tool.

• Responsible for maintaining and building relationships with stakeholders/vendors to minimise the risks.

• Responsible for maintaining effective file integrity monitoring to PCI DSS & SOX environments

You'll have the following skills & experience

Expertise in at least two of:
  • Worked as part of a team responsible for the provision of effective server compliance and vulnerability scanning via monitoring tools within a large-scale enterprise, PCI DSS knowledge is preferred, but not mandatory.
  • Providing professional advice and best practice on implementing compliance policies in
  • Unix/Windows server environments
  • Experience of having worked with design teams, server build owners, security standards owners & project managers to review design documents and implement requirements into compliance tools.
  • Provided professional advice to ensure best practice is promoted when implementing compliance policies in Unix/Windows server environments.
  • Previously worked with compliance or vulnerability tools e.g. Qualys, TrueSight Server Automation, IP360, CCM, Rapid 7, etc.


Skills:

  • Working knowledge of Linux/Solaris and/or Windows servers.
  • Unix scripting in Shell/Bash, Python or Perl and/or Windows scripting in VBS, Powershell, etc.
  • Processes: Ability to create new processes based on security standards or industry standards and documenting operational processes.
  • Problem solving: Ability to own and resolve problems end to end.
  • Initiative: Ability to work on own initiative in a fast-paced environment. Be a contributor of Continuous Improvement initiatives.
  • Stakeholder management: Effective communicator with front line operations, stakeholders & vendors.
  • Networking: Knowledge of network switching, routing, and security infrastructures


Get in touch with me today if you have any questions, or apply now!
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert