Sr. Security Operations Engineer
Cybersecurity at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients)
What will you be responsible for?
- Lead External Attack Surface Management (EASM) efforts, vulnerability assessments, and threat modeling activities against internal and external systems, applications, and infrastructure.
- Define objectives and scope of EASM testing activities within an ethical and legal framework.
- Design and execute comprehensive test plans covering functional, non-functional, and security aspects.
- Identify, prioritize, and report security vulnerabilities: Analyze discovered vulnerabilities, assess their impact, and recommend effective remediation strategies.
- Research, and evaluate current vulnerabilities, provide remediation and configuration guidance.
- Develop and maintain automated test scripts using various testing frameworks and tools.
- Collaborate with stakeholders to develop remediation strategies.
- Foster a culture of learning and development within the team by sharing expertise.
your work week look like?
- Utilize EASM tools to continuously monitor our external attack surface for unauthorized assets, misconfigurations, vulnerabilities, and potential exploits.
- Lead the analysis of vulnerability scan results, identification of vulnerability patterns and facilitate the remediation efforts.
- Provide support in incident response activities, particularly in analyzing and mitigating vulnerabilities related to security incidents.
- Develop and maintain process, playbooks, and procedures for EASM activities.
- Automate repetitive tasks around attack surface management activities.
- Develop and maintain metrics to track the EASM coverage and remediation.
- Conduct post-exploitation activities and assess potential consequences to product owners and stakeholders.
- Prioritize vulnerabilities based on risk and recommend comprehensive remediation strategies.
- Prepare and present security reports and findings to management and stakeholders.
- Collaborating with developers, product owners, and stakeholders to communicate security findings, recommend remediation actions.
- Maintain accurate and up-to-date documentation of Document testing procedures, findings, and recommendations.
Who are we looking for?
- Bachelor’s degree in computer science, Information Security, or related field.
- 8+ years of experience in Vulnerability Management, with at least 3 years of experience with External Attack Surface Management.
- Solid understanding of ASM/OSINT tools and utilities (e.g., Burp Suite, OWASP, OSINT, AMASS, Security Trails, Recorded Future, etc.).
- Previous experience with SOAR (e.g. Palo Alto XSOAR), XDR (e.g. CrowdStrike Falcon), SIEM (e.g. MS Sentinel).
- Knowledge of MITRE ATT&CK Framework, Cyber Kill Chain, IoC ingestion.
- Understanding of common web application frameworks and web-based APIs.
- Hands-on experience with cloud security platforms such as AWS, Azure, or GCP.
- Knowledge of relevant security standards and regulations (e.g. PCI, HIPAA, NIST).
- Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell.
- Excellent communication, collaboration, and interpersonal skills.
- Ability to work independently and take ownership of projects.