Security Engineer – Level II (Threat & Vulnerability Management)

Rackspace Cyber Defense

Security Engineer – Level II (Threat & Vulnerability Management)

About Rackspace Cyber Defence

Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services.

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads.

Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

Our mission is to help our customers:

·       Proactively detect and respond to cyber-attacks – 24x7x365.

·       Defend against new and emerging risks that impact their business.

·       Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.

·       Reduce their exposure to risks that impact their identity and brand.

·       Develop operational resilience.

·       Maintain compliance with legal, regulatory and compliance obligations.

What we’re looking for

To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for an Indian based Threat & Vulnerability Management Analyst to support Rackspace’s strategic customers.

This role is particularly well-suited to a self-starting, experienced and motivated Threat & Vulnerability Management Analyst, who has a proven record of accomplishment in the identification, evaluation, prioritisation and coordinating the remediation of threats and vulnerabilities across larger estate.

As a Threat & Vulnerability Management Analyst, you will be responsible for responding to threats posed across Customer on-premises, private cloud, public cloud and multi-cloud workloads environments.

The primary focus to manage the vulnerabilities in customer environment, which may indicate malicious activity, and determining if threats are real or not. You will also be required to liaise closely with the customer’s key stakeholders to address the risk.

Key Accountabilities

Lead vulnerability assessments and scans using the Qualys tool to identify security weaknesses across applications and systems.

Expertly set up and configure the Qualys virtual scanner for comprehensive assessments.

Analyse and assess vulnerability reports in a professional manner, ensuring clarity and actionable insights for stakeholders.

Prioritize vulnerabilities based on risk assessment and produce detailed reports for stakeholders.

Collaborate with IT and security teams to develop and implement remediation plans for identified vulnerabilities.

Track remediation efforts and provide ongoing updates on progress to management and clients.

Conduct regular calls with clients to discuss vulnerability findings, remediation strategies, and improvement recommendations.

Monitor vulnerability remediation efforts and provide updates to management.

Maintain and optimize the configuration of the Qualys tool for accurate scanning and reporting.

Stay updated on emerging threats, vulnerabilities, and industry best practices to enhance the vulnerability management strategy.

·       Conduct training sessions for staff on vulnerability awareness and management processes. Familiar with industry standard security best practices and vulnerability management process including compliance reporting.

·       Willing to work in flexible working hours.

Skills & Experience

·       At least 5 years of experience as a Threat & Vulnerability Management along with remediation.

·       Need experience driving the remediation process and a strong understanding of patch management.

·       Experience with vulnerability management tools such as Qualys, Tenable and Skybox.

·       Experience of working in large scale, public cloud environments and with using cloud native security monitoring tools such as: -

o   Microsoft Sentinel, Microsoft Defender for Cloud and Microsoft 365 Defender

o   GCP (Google Cloud Platform) security tools such as Chronicle and Security Command Centre

o   AWS (Amazon Web Services) security tools such as AWS Security Hub, AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail

·       Knowledge of IT (Information Technology) security best practices including operating systems (Windows, Unix, Linux), end-user application, and network security.

·       Good to have experience around VM process around APIs, Containers, Mobile.

·       Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.

·       Good communication skills and should be able to work with multiple geography customers.

Preferred Qualifications:

·       Computer science / Information Technology related Engineering degree preferred.

Holding one of the following with be good to have -  

Qualys Certified Specialist

CISSP

CISM

 CEH.