Infrastructure & Vulnerability Management Engineer, Sr Staff
Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
The Black Duck Cybersecurity team is seeking a passionate, experienced, and collaborative practitioner to be a key member of our security operations team.
The Sr Staff Infrastructure & Vulnerability Management Engineer is responsible for identifying, assessing, and mitigating security vulnerabilities in IT infrastructure, networks, endpoints, and cloud systems using a variety of security tooling at their disposal. The position works collaboratively with security engineers and other IT and security professionals to implement security measures and evaluate the performance of those measures to ensure compliance with policies, regulations, and contracts. They monitor threats, trends, and attack patterns, and partner with security operations center analysts and business stakeholders to provide input for the creation of relevant, actionable security content representations.
Key Responsibilities
- Conduct vulnerability assessments and penetration testing to identify security weaknesses in networks and network nodes, including cloud-based assets
- Develop, implement, and maintain a vulnerability management program to prevent, identify, and mitigate security risks; manage tooling designed to discover, protect, and defend assets
- Identify and prioritize vulnerabilities based on severity and potential impact to business revenue
- Collaborate with other IT and security professionals to implement security measures and ensure compliance with security policies, regulations and contracts
- Monitor and track vulnerabilities and provide actionable remediation recommendations to asset owners
- Conduct risk assessments to identify potential security threats and vulnerabilities
- Guide research, mentor junior staff, and keep current on the latest emerging threats, attack patterns, and adversaries
- Partner with stakeholders to drive improvements in technology adoption and security governance
- Work collaboratively on threat intelligence-gathering activities and conduct hypothesis-driven threat-hunting activities
- Collaborate with cross-functional teams to provide threat intelligence insights and recommendations
Qualifications
- Strong written and verbal communication skills; ability to establish and maintain strong working relationships with team members and other functional groups
- Possesses knowledge of a variety of threats, malicious actor personas, attack patterns, exploits, and common vulnerabilities
- Understands the MITRE ATT&CK Frameworks, Cyber Kill Chain, and Diamond Model concepts
- Demonstrates an understanding of current and emerging security threats
- Prior experience with threat-hunting activities
- Prior experience as an incident responder, security operations analyst, or security engineer
- Understanding of common attack patterns and Indicators of Compromise (IoCs) across Windows, macOS, and Linux-based operating systems
- Experience creating scripts using Python or similar languages
- Experience with developing and refining network signatures to enhance detection capabilities and improve the identification of evolving cyber threats and vulnerabilities
- Experience in drafting technical reports summarizing forensic findings a plus
- Familiarity with intrusion detection system (IDS) alerts a plus
- Familiar with security tooling such as Qualys, Tenable, Rapid7, Metasploit, Nmap, Splunk, LogRhythm, CrowdStrike Falcon, and M365 E5 security stack
- Must be familiar with the operation of firewalls, intrusion detection systems, and antivirus software.
- Experience with advanced digital forensics tools and methodologies to investigate security breaches, including malware analysis and network intrusion detection, a plus
- Experience in conducting digital forensics investigations by analyzing data from network data acquisition kits and other artifacts to identify indicators of compromise a plus
- 7+ years in an incident response role or working in or with a security operations center
- 5+ years of experience in evaluating, deploying, and managing endpoint, network, and cloud security tooling
- Bachelor’s degree in information security, computer science, or a related field or equivalent combination of education, training, and experience
- Holds or is willing to obtain job-related security certifications
Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.