Vulnerability Engineer/100% remote role/Citizen, GC, H4-EAD, OPT

Posted 7 months ago

Position: Vulnerability Engineer

Location:  Remote (EST or CST hours)

Duration: 9+ months

Mode of interview: phone / viedo 


Top 3 skills

Understanding windows server environment
How windows operating system functions, how remediation is developed for servers
Understanding of networks, IP addresses
In the past worked on the network side

Identifying vulnerabilities and defining a path for remediation for multiple domains. Database exp is preferred. Find network and servers, can teach the database.

Advising and helping with the practice 
Understanding of windows server and windows endpoints 
How the windows operations systems functional and remediation
MECM capabilities 
SCCM capabilities
Understanding of networks (someone who has networks exp)
Identifying vulnerabilities and remediation
Database is a huge plus
Leads and drives remediation efforts within systems and security environments to increase the efficiency of CarMax and Cybersecurity vulnerability management processes.
Analyzes security issues, determines cause and impact and identifies the corrective action needed to eliminate and prevent the event from happening in the future.
Exhibits good understanding of vulnerability validation, re-production, remedy advice and vulnerability research skills.
Articulates risk and impact to CarMax IT leaders with the proven ability to convey the urgency and need to remediate a vulnerability commensurate with the risk it presents to CarMax.
Define and report program roadmap, status, development issues and success metrics.
Actively engages with various internal stakeholders including IT, End User Computing, Information Security Team, Infrastructure teams (network, systems), development, and other relevant teams in the organization to conduct holistic response management on identified vulnerabilities and the remediation efforts
Must be able to analyse data and create executive reports and presentations for targeted audience.

Mandatory Skills:
?10+ years of related experience, specifically in Engineering/IT Operations, Security Operations, Vulnerability Management, and/or Incident Response

?Must have experience in Splunk, know how to configure policies, creation of dashboards, log analysis and reporting expertise.

?Hands on experience or strong understanding with Vulnerability Scanning & Management tools (Nexpose, Qualys, CrowdStrike, Falcon Spotlight)

?Experience in business process management, program management and/ or executive communication

?Ability to assemble and lead virtual teams to resolve incidents and to work collaboratively and remotely with others to accomplish goals, including MSP

SoftSages Technology – WMBE, E-Verified
Direct No: 202 449 3572
Phone: 484 3218314 X194 ,Address: 20 Mystic Lane, 2nd floor, Malvern, PA 19355
Website: Email: