Sr. Vulnerability Management Engineer - Dun & Bradstreet Short Hills, Millburn, NJ, USA Bookmark Share Print 655 1 1

Listing Description

Life here at Dun & Bradstreet is changing – for the better. With almost two centuries of experience and a new modern vibe, work at D&B has never been more exhilarating. Our purpose is to grow the most valuable relationships in business by uncovering truth and meaning in data. We’re wildly passionate about our purpose, and it has us evolving everything we do – from how we engage with our customers to how we energize one another. So, if you thrive in a fluid, agile culture but want the solidity of a storied and commanding brand, come join us!

Sr. Vulnerability Management Engineer

We are looking for highly self-motivated candidate for our Global Vulnerability Management team within Global Security and Risk. Our team performs one of the most critical security and risk functions at the firm detecting vulnerabilities in our technology and ensuring their remediation before they can be exploited by malicious hackers.Key Responsibilities:

• Development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support

• Collaborate extensively with firms engineering teams to help them understand their vulnerabilities and collectively develop remediation and mitigation strategies.

• Follow public and/or private vulnerability feeds

• Rate D&B’s exposure (impact and likelihood of compromise) to newly identified vulnerabilities

• Provide proof-of-concept exploits in a lab environment to demonstrate exploitability

• Provide risk assessment inputs into patch management policies and activities for multiple platforms across the firm.

• Develop and maintain metrics and reports on vulnerability findings and remediation compliance.

• Contribute to network security strategy and automation

• Maintain knowledge and skillset relevant to trends in the industry

Qualifications/Requirements:

• Minimum 10-12 years of security experience, specifically around organizational security and vulnerability management.

• Experience with common vulnerability feeds from government, vendor, and open source communities

• Understanding of threat actors with the ability to articulate how they operate and demonstrate how they subvert common security controls

• Familiarity with vulnerability management frameworks and concepts such as CVE, and CVSS

• Ability to assess and articulate actual business risk along with good report writing and client presentation skills of researched vulnerabilities

• Demonstrated understanding of infrastructure and cloud vulnerability scanning

• Ability to develop and maintain positive relationships with other technology teams

• Good understanding of the OWASP Top 10. Familiarity with vulnerabilities in 3rdparty libraries and remediation

• Scripting and/or programming skills (e.g., Python, PowerShell, Java, JS, etc.)

• A strong understanding of application, Linux, Windows and network security

• Ability to work both independently and in a highly collaborative team environment

• Understanding of the lean and agile framework and processes

• Strong communication skills – written and verbal

Dun & Bradstreet is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law.