Staples Cyber Security Engineer, Vulnerability Management in Westminster, Colorado

Description

Position Summary:

The security engineer has responsibility for (1) ensuring the operation of vulnerability scanning tools, (2) reporting on security vulnerabilities to system owners and leadership, and (3) working with owners to successfully remediate identified security vulnerabilities.

Responsibilities Specific to Role:

• Maintain vulnerability scanning tools

• Identify security vulnerability owners and generate actionable reports

• Work with infrastructure and application teams to provide remediation guidance

• Collaborate with internal partners to enhance remediation processes

• Automate vulnerability scanning operations

• Develop metrics and dashboards for reporting on environment risk and remediation progress to various levels of management

• Work with compliance team to ensure relevant PCI requirements are met

• Integrate security tools with SDLC, CICD, and SOC

• Identify and troubleshoot vulnerability scanning issues

• Test identified vulnerabilities for false positives

Qualifications

Basic Requirements:

• Bachelor’s degree in Computer Science, Information Assurance, or similar

• 5+ years of relevant work experience

• Experience with vulnerability scanning tools such as Qualys, Rapid7, or Nessus

• Ability to translate technical risk to business risk

• Programming experience

• Passion for keeping up with current security threats

• Strong problem-solving skills

Preferred Skills:

• 2+ year IT security experience

• Penetration testing experience (familiar with Metasploit, Burp, common tools in Kali Linux)

• Common knowledge of application security

• ServiceNow development experience

• Understands and clearly communicates security best practices

• Comfortable working with large data sets

• Understands weaknesses of vulnerability scanning tools and has ability to leverage/develop tools to address weaknesses

Staples is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.