Vacancy caducado!
Albertsons Companies is one of the largest food and drug retailers with 2,300+ stores. The Albertsons Companies family of brands includes some of the most prominent brands in food retailing, with a growing base of loyal shoppers. Thanks to the professionalism, diversity, spirit, and friendliness of our people, we have locations across the U.S.The Information Technology Department has an opening for an Information Security Engineer in the vulnerability management space. This position is located in Boise, Idaho, Pleasanton, California or Phoenix, Arizona.Key Responsibilities include, but are not limited to:
- Plans, develops, and executes vulnerability scans of organization information systems
- Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization
- Interpret vulnerability scan output and provide quantitative analysis of the results to management.
- Collaborate with other IT support teams in troubleshooting and remediating outstanding vulnerabilities.
- Ensures compliance with all applicable configuration standards
- Manages enterprise vulnerability assessment and configuration assessment tools
- Performs compensating controls analysis and validates efficacy of existing controls
- Creates and generates custom reports on assessment findings and summarizes to facilitate remediation tasks
- Recommends security controls and/or corrective actions for mitigating technical and business risk
- Produces vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
- Conduct network, application, and mobile penetration tests
- Create vulnerability and/or pen test reports and present to management
- BS/MS in Computer Science/Information Security or BS/MS and relevant experience in Information Security.
- 3-5+ years of information security experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.
- 1-3+ years vulnerability scanning experience using enterprise tools such as Tenable, Rapid7, Qualys, and/or other vulnerability scanning tools.
- Expertise regarding security testing methodologies, common application security vulnerabilities, and penetration testing
- Hands-on experience and knowledge of including but not limited to following:
- Penetration testing, vulnerability scanning, SIEM, patch management solution, data leakage solution, intrusion prevention systems, web content filter, web application firewall, DDOS prevention
- Understanding of network security risks, exploits, and OS hardening techniques
- Current SANS, ISC2, and/or other security certifications preferred.
- Working experience of Unix/Linux and Windows operating systems, databases and its security capabilities.
- Ability to rapidly learn and apply advanced and emerging technical security principles, theories, and concepts.
- Exceptional analytical ability, communication and project management skills, documentation and the ability to work effectively with clients, IT management and staff, vendors and consultants.
- 3-5+ years experience in four or more of the following:
- Vulnerability management
- Scripting (ex: PowerShell, WMI, BASH)
- Data Analysis and Reporting (ex: Excel PivotTable, PowerBI)
- Network topologies (WAN/LAN, protocols) and packet level inspection analysis
- Encryption technologies (ex: SSL/TLS, IPSec, TDE, PKI)
- Authentication/Authorization
- Web Application Firewall, Firewalls, IPS/IDS
- Penetration testing
- Database Security/ Web Application Security/ Wireless Security
- OS hardening and security best practices
- Compassion: We always treat each other with kindness and respect
- Team: We always support and recognize each other
- Inclusive: We always value everyone's perspective
- Learning: We always strive to grow and develop ourselves and others
- Competitive: We always act with integrity to win over the customer
- Ownership: We always take actions to drive our success
- Work may be performed in a temperature-controlled environment.
- Must sit, stand, or walk for extended periods of time.
- May spend long periods of time at desk or computer terminal.
- Will use keyboards, telephone, and other office equipment during the course of normal workday.
- Stooping, bending, twisting, and reaching may be required in completion of job duties.
- Work day is fast paced; some evening and weekend work may be required.