Vulnerability Management / Security Engineer

Sonoma Consulting is one of the fastest growing national IT Consulting and Executive Search company in the United States, which was founded in 2011 by Mark McGee, the President and CEO. Sonoma Consulting has two business divisions - IT Consulting Services & Executive Search to serve its 150 national clients which range from entrepreneurial start-ups to Global Fortune 500.

Reason for contingent headcount?

We are formalizing a vulnerability management program for infrastructure systems, including servers, appliances, network, storage, and voice systems.

Infrastructure Vulnerability Management

• Manage inflow of vulnerabilities from vulnerability scanning team
• Coordinate vulnerability research activities with infrastructure tower teams
• Track vulnerability remediation plans
• Manage vulnerability remediation reporting capabilities

• Infrastructure engineering teams (compute, storage, network, voice)
• IT Operations
• Information Security

• 12 months initially, extensions reviewed annually

List the position Requirements:

Position includes the following responsibilities:

• Manage the inflow of vulnerability data from the vulnerability scanning team
• Identify new findings, and coordinate research and remediation plan with tower teams
• Track and report on vulnerability remediation plans

Must Haves:

Enterprise-level experience managing the remediation of vulnerabilities in two or more of the following areas:

• Server Operating Systems (Windows Server, Red Hat)
• End User Compute (Windows)
• Virtualization (VMware)
• Network (Cisco, Palo Alto, F5, Infoblox, McAfee)
• Storage (NetApp, EMC)
• Voice (Cisco, Avaya, Oracle)
• Ability to efficiently parse vulnerability reports, understand potential impact, and identify appropriate resolving team
• Ability to organize responses from multiple sources into comprehensive action plans
• Ability to follow action plans though to resolution
• Experience contributing to multi-disciplined project teams for service delivery
• Strong written and interpersonal communication skills

Preferred/Nice-to-haves:

• Experience managing vulnerability lifecycles in a Vulnerability Management system

All qualified applicants will receive consideration for employment without regard to race, color, religion, place of origin, ethnic origin, national origin, ancestry, age, sex, sexual orientation, gender identity, transgender status, genetic information, mental or physical disability, marital status, pregnancy, veteran status, or any other characteristic protected by applicable national, state, or local law.