Vulnerability and Patch Management - Stonehenge Staffing, LLC
Long Beach, NY
About the Job
Vulnerability and Patch Management
1. Main Purpose
To provide an ongoing, regular process of identifying, assessing, reporting on, managing and
remediating cyber vulnerabilities across endpoints, workloads and systems.
To provide an ongoing, regular process of identifying, assessing, reporting on, managing and
remediating cyber vulnerabilities across endpoints, workloads and systems.
2. Reporting Structure
The Vulnerability and Patch Management Engineer reports directly to the Vice President of Infrastructure.
3. Duties
The Vulnerability and Patch Management Engineer will provide support services for the company.
They are expected to use the company’s vulnerability management system and other
tools to manage and remediate vulnerabilities on all network systems. They will also be required
to provide periodic updates on the effectiveness of the vulnerability program.
The Vulnerability and Patch Management Engineer will provide support services for the company.
They are expected to use the company’s vulnerability management system and other
tools to manage and remediate vulnerabilities on all network systems. They will also be required
to provide periodic updates on the effectiveness of the vulnerability program.
3.1. Job Functions
• Configuring weekly internal and external vulnerability scans.
• Running vulnerability scans and reviewing reports to identify potential vulnerabilities.
• Creating remediation plans and schedules to mitigate identified vulnerabilities.
• Working with IT Support to test systems after patching.
• Analyzing current security requirements and making suggestions for improvements.
• Participate in security audits.
• Perform inventory scans on the network to identify new systems that may need to be
monitored.
• Troubleshooting applied patches and working with other IT members to correct issues
that may arise.
• Maintaining documentation on the vulnerability program.
• Create weekly reports on the effectiveness of the vulnerability program.
• Monitor external sources to keep current with the latest news and events surrounding
cyber threats and security.
3.2. Qualification Requirements
• Experience with Open Source tools, programs & protocols: SecPod, syslog, Apache
HTTPD & Tomcat, Jetty, Java, SSL/TLS & Certificates, OpenSSL, OpenSSH, OpenLDAP,
Nagios, Bind, Alfresco, CIFS, Samba, NFS, LPR/LPD/CUPS, rync, Amanda,
Dirvish, Syslog, SNMP, SMTP/Sendmail, ClamAV, Squid, KVM virtualization,
nextcloud, wordpress, GLPI.
• Able to review vulnerability reports to identify remediation requirements.
• Familiar with programming languages such as java, shell, perl, python, javascript or
php.
• Skilled at troubleshooting.
• Excellent organizational and communication skills (verbal & written).
• Ability to work independently, under general supervision and as a part of a team, on
several concurrent tasks with changing priorities.
4. Document Owner and Approval
The Vice President of Infrastructure is the owner of this document and is responsible for ensuring
that the job duties reflect the current requirements for the position.
Source : Stonehenge Staffing, LLC