Report to: Services Operation Director
Patch and Vulnerability Management is a crucial part of Fluence Energy security efforts. As new threats emerge, the Service Operations Team must be able to rapidly assess the threat landscape, make recommendations, and track fixes across Fluence global fleet of deployed energy storage systems.
Key Responsibilities:
The Security Engineer (Vulnerability and Patch Management) will use various security tools to identify, classify and track remediation of vulnerabilities in our systems. The engineer will interact with other teams to enable prioritization, escalation, and remediation of vulnerabilities as needed. Automated scanners as manual penetration testing to assess the security posture of the environment is needed. The engineer must have the ability to document policies and procedures and keep them updated according to industry compliance requirements and track of remediation of vulnerabilities as they are handed off to the other teams. The Security Engineer will:
•Evaluating and implementing new and state-of-the-art technology to address challenging customer problems. Participate in network and security design reviews
•Ensuring network security and communicating security vulnerabilities of all severities to affected stakeholders within the global services organization
•Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks
•Strong knowledge of Linux operating systems, command line usage, and system administration
•Have Strong knowledge of Tenable Nessus or Wazhu or InsightVM/InsightAppSec or similar vulnerability assessment tools; including configuration and maintenance, scan execution, agent deployment and oversight
•Conduct vulnerability scans at the network, operating system, database, and application levels on both internal and external systems within the organizations enterprise
•Establishes multiple relationships with senior level customers and managers across the organization to act as a respected technical interface both internally and externally to deliver and enhance the service.
•Analyze threat and vulnerability feeds and analyze data for applicability.
•Conduct vulnerability assessments, red teaming and penetration testing to identify weaknesses and countermeasures
•Work with both external vendors, customers and other groups to coordinate and conduct schedule and ad-hoc testing
•Provide timely vulnerability assessment reports to key stakeholders
•Provide relevant threat intelligence documents to key stakeholders
•Understanding of DevOps including orchestration (GIT, Chef, Ansible, etc)
Required Skills:
•B.A or B.S. (or higher level degree) in Computer Science or a similar engineering program with strong academic performance preferred
•Understanding of the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them
•5+ years’ experience in Cybersecurity or Vulnerability Management or related field
•Knowledge of AWS (Amazon Web Services), GPC (Google Private Cloud), Azure, or other cloud platforms and related technologies is desired.
•Familiar with Linux systems preferably using Red Hat/Fedora, Ubuntu, or Debian.
•Experience in the scripting language such as python, bash or java.
•Fundamental understanding of Networking.
•Experience with security - hardening of Linux systems.
•Experience with Agile development methodologies (Scrum).
•Experience with automation tools and CI/CD pipelines, such as Jenkins, CircleCI or GitLab
•Proven success on challenging projects where you made key contributions while demonstrating ownership, creativity, and initiative.
•Competence in MS Word, Excel, PowerPoint, and Outlook.
\n
\n
