Sr. Technical Security Engineer
- Dulles, VA
Oath, a subsidiary of Verizon, is a values-led company committed to building brands people love. We are a leader in digital and mobile media with a global house of 50+ brands. Oath is shaping the digital future.
The Senior Technical Security Engineer position is within Oath's IT Security group whose mission is to deliver information security solutions and services to protect Oath information assets, computing infrastructure, applications and data. The Sr. Engineer will work within the compliance and vulnerability management team helping to identify and mitigate risks against Oath. The ideal candidate will have great interest in information security, has hands-on security engineering experience and be able to come up with creative and unique solutions to security- related problems.
The Sr. Engineer will perform technical security engineering activities including the following:
- Perform vulnerability scans, analysis, validation and remediation activities.
- Perform network and application penetration testing.
- Classify and prioritize the risk of new vulnerabilities according to the specifics of Oath environment's risk level, mitigating factors, and assessment of the impacts of internal and external threats.
- Engineer application, system and network security solutions to meet security requirements for varied operating environments.
- Research and assess new threats, vulnerability security trends and security alerts, recommend remedial action.
- Work with customers to oversee remediation of identified security issues.
- Perform technical and non-technical compliance activities.
- Provide security subject matter expertise to Oath product teams including developers and system administrators.
- Perform security validation for configuration settings on different systems.
- Bachelor’s degree with a minimum of 5 years of information security work experience.
- A strong interest in the field of information security.
- Fluent in a variety of web application protocols, operating systems and networking technologies.
- Strong Understanding of common network vulnerabilities, OS vulnerabilities (Linux, Windows and OSX), patching and attack patterns.
- Strong analytical, problem solving and engineering skills.
- Good written and verbal communication skills.
- Solid organizational skills and strong customer service skills.
- Experience with parsing / analysis of large data sets (e.g. vulnerability scan results).
- Certified Information Systems Security Professional (CISSP).
- Expertise with OWASP/NIST security concepts and common application security risks, such as XSS, XSRF, SQL Injection, Cookie Manipulation among others.
- Familiarity with Enterprise Vulnerability Management tools such as Rapid 7 Nexpose, Nessus and Qualys.
- Familiarity with Amazon Web Services (AWS) security.
EEO/AA Women, Minorities, Veterans, Individuals with Disabilities Employer: Oath offers a competitive salary and benefits package, including 401(k) match and performance bonus. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or other protected category.