• 20 Jun 2019 9:56 PM
    Message # 7591351
    James Walters (Administrator)

    Publish Date: Jun 18, 2019

    Location: Richmond, VA, US

    Company: Atos

    Atos SE (Societas Europaea) is a leader in digital services with pro forma annual revenue of circa $ 6 billion and circa 100,000 employees in 72 countries. Serving a global client base, the Group provides Consulting & Systems Integration services, Managed Services & BPO, Cloud operations, Big Data & Cyber-security solutions, as well as transactional services through Worldline, the European leader in the payments and transactional services industry. With its deep technology expertise and industry knowledge, the Group works with clients across different business sectors: Defense, Financial Services, Health, Manufacturing, Media, Utilities, Public sector, Retail, Telecommunications, and Transportation.

    Atos is focused on business technology that powers progress and helps organizations to create their firm of the future. The Group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and is listed on the Euronext Paris market. Atos operates under the brands Atos, Atos Consulting, Atos Worldgrid, Bull, Canopy, Unify and Worldline.


    Location: Richmond, VA


    The North American Cyber Security Division of Atos is currently looking for a Vulnerability Management Engineer (VME) to join their team and be a part of a transition and engineering team responsible for delivering the Atos Prescriptive Cyber Security solution to customers across North America.

    As a Vulnerability Management Engineer, you will be a vulnerability and compliance deployment specialist for a very diverse client base. You will be working with a team that is responsible for the deployment of Tenable Nessus solutions, vulnerability process standup, change execution, and the maintenance and support of various vulnerability management technologies in a rapidly changing security sector in large enterprises.

    This role will ensure standard methodology implementation and operations of vulnerability and compliance management solutions, policies and emerging technology to meet and respond to the ever-present threat to our client’s data and infrastructure. You will ensure that all technologies are operationally ready and documented for the operational teams to execute on capabilities.

    Core Responsibilities


    • Stay ahead of evolving cyber threats and vulnerabilities, as well as recent breaches and the charge vectors
    • Work well with customers to bring together requirements and ensure implementation of vulnerability and compliance management solutions
    • Develop and document standard methodologies for vulnerability and compliance management solutions
    • Lead the implementation team across multiple projects to endure the vulnerability and compliance solution is deployed according to standard methodologies
    • Responsible for the creation of procedures, implementation of processes and development of staff for vulnerability and compliance management solutions
    • Contributor works closely with Senior Engineers in supporting existing systems and initiatives
    • Responsible for configuration of current enterprise security log source types into the SIEM
    • Analyzes and identifies areas of improvement with existing processes, procedures and documentation
    • Demonstrates how to use vulnerability and compliance management solutions products to both technical/non-technical personnel
    • Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies
    • Use ITIL Service Request, Incident, Risk, Problem, and Change Management principles to optimize and reduce risks within IT systems, particularly as it relates to security
    • Design and configure system management tools to provide monitoring and management of vulnerability and compliance management solutions

    Minimum Qualifications 

    • 1+ years professional experience maintaining Tenable Nessus systems
    • 1-2 years professional experience working with vulnerability and compliance management solutions
    • 1+ year professional experience writing Nessus audit files and custom plugins
    • Knowledge of web application scanning using Tenable Products
    • College degree or equivalent training with experience working in the Cyber Security field
    • Information security knowledge in one or more areas such as Enterprise security products
    • Understanding of network architecture and implementation is a requirement; You will have worked with network security analysis
    • Experience with Tenable Security Center dashboard creation and reporting
    • Knowledgeable of Linux and Windows Operating systems (Windows and Linux knowledge required)
    • Demonstrable experience architecting, implementing, tuning, and being responsible for the Tenable Security Center
    • Preferred experience with Tenable IO
    • Basic experience with ITIL processes such as Incident/Problem/Configuration/Change management.
    • Basic customer handling skills along with extensive hands on skills in defining and creating operational/procedure documents
    • In-depth technical knowledge of vulnerabilities associated with current network, Operating systems and security hardware, software, protocols and Internet standards
    • Knowledge applying security principles as it relates to IT Governance, Risk, and Compliance
    • Basic understanding of SANS Critical Security Controls (CSC)
    • Basic to Moderate knowledge of penetration techniques
    • Basic knowledge of Information Technology forensic techniques
    • Capable of technical documentation for data flows, system integrations, design documentation, and standard operating procedures
    • General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, CEH, Cisco Security, Security +, or other security certifications)
    • An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others 

    Recommended Certifications 

    • Certified Information Systems Security Professional (CISSP)
    • GIAC Systems and Network Auditor (GSNA)
    • GIAC Certified Penetration Tester (GPEN)

    Certificate of Proficiency for the corresponding product knowledge of, Nessus, SecurityCenter, SecurityCenter Continuous View



    Last modified: 20 Jun 2019 9:59 PM | James Walters (Administrator)

Copyright 2018, International Information Systems Security Certification Consortium, Inc. (“(ISC)²), in website format and trade dress only. All Rights Reserved. (ISC)², CISSP, SSCP, CAP, ISSAP, ISSEP, ISSMP, CSSLP, and CBK are registered certification, service, and trademarks of (ISC)². Disclaimer: (ISC)²” does not own, operate, or moderate this website. All content of this site, exclusive of licensed trademarks or copyright, is the property of the designated (ISC)² Chapter organization, which is not owned, managed, or controlled by (ISC)² and operates independent of (ISC)².  

(ISC)2RVA is a 501(c)3 nonprofit organization.  EIN: 83-4655968

P.O. Box 2566, Glen Allen, VA 23058-2566

Powered by Wild Apricot Membership Software