Ortho Clinical Diagnostics
Threat & Vulnerability Management Engineer
Ortho Clinical Diagnostics, San Diego, California, United States, 92189
The Opportunity
QuidelOrtho unites the strengths of Quidel Corporation and Ortho Clinical Diagnostics, creating a world-leading in vitro diagnostics company with award-winning expertise in immunoassay and molecular testing, clinical chemistry and transfusion medicine. We are more than 6,000 strong and do business in over 130 countries, providing answers with fast, accurate and consistent testing where and when they are needed most - home to hospital, lab to clinic.
Our culture puts our team members first and prioritizes actions that support happiness, inspiration and engagement. We strive to build meaningful connections with each other as we believe that employee happiness and business success are linked. Join us in our mission to transform the power of diagnostics into a healthier future for all.
The Role
As we continue to grow as QuidelOrtho, we are seeking a Threat & Vulnerability Management Engineer/Analyst to support our cybersecurity team. We are looking for a highly skilled Penetration Tester with expertise in Tenable.io to join our dynamic cybersecurity team. The Penetration Tester will be responsible for conducting network, application, and cloud-based penetration testing while utilizing Tenable.io for vulnerability scanning, analysis, and reporting. The successful candidate will assess the security of our systems, identify weaknesses, and provide actionable recommendations to mitigate risks.
This position will be working in a hybrid schedule in San Diego, CA or Raritan, NJ (2-3 days onsite).
The Responsibilities
Perform in-depth penetration tests on networks, web applications, APIs, mobile applications, cloud infrastructures, and IoT devices.
Simulate various attack scenarios to identify vulnerabilities, weaknesses, and potential risks in the organization's security posture.
Develop and execute both manual and automated testing methodologies to assess the organization's infrastructure.
Conduct comprehensive vulnerability assessments using Tenable.io, including network scanning, agent deployment, and asset discovery.
Analyze and interpret Tenable.io scan results, prioritizing vulnerabilities based on risk and impact.
Assist with the deployment, configuration, and maintenance of Tenable.io within the organization.
Prepare detailed reports summarizing findings, risks, and recommended remediation steps for stakeholders.
Collaborate with development and infrastructure teams to advise on remediation efforts and provide security expertise.
Perform retesting of vulnerabilities to validate remediation actions.
Contribute to the improvement of security testing procedures, methodologies, and toolsets.
Stay up to date with the latest security trends, threats, and best practices to improve testing methods.
Provide security training and awareness to internal teams as needed.
Work closely with other cybersecurity professionals, IT teams, and external vendors to address security vulnerabilities.
Provide consultation and recommendations for improving overall security posture based on penetration testing results.
Strong communication skills with the ability to explain technical concepts in layman's terms.
Perform other work-related duties as assigned.
The Individual
Required:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (equivalent experience will be considered).
Proven experience as a Penetration Tester with a strong understanding of common security vulnerabilities (e.g., OWASP Top 10, MITRE ATT&CK).
Hands-on experience with Tenable.io, including deployment, configuration, and reporting.
Experience with scripting languages (e.g., Python, Bash) and penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
Strong knowledge of vulnerability scanning, risk assessment, and remediation techniques.
Proficiency in network and application security principles, testing frameworks, and methodologies.
Excellent communication skills for preparing reports and communicating technical details to non-technical stakeholders.
Ability to travel up to 5%.
Preferred:
Experience with Rapid7.
Relevant certifications such as OSCP, CEH, GPEN, GWAPT, or similar.
Tenable.io-specific certifications.
The Key Working Relationships
Internal Partners:
All levels of the organization.
External Partners:
Vendors and Customers.
The Work Environment
No strenuous physical activity, though occasional light lifting of files and related materials is required. 30% of time in meetings, working with team, or talking on the phone, 70% of the time at the desk on computer, doing analytical work. Minimal travel required. Travel includes airplane, automobile travel and overnight hotel.
Physical Demands
Typically, 40% of time in meetings; 60% of time at the desk on computer, doing paperwork, on the phone, or doing analytical work. Walking, standing, and sitting for long periods of time are routine to accomplish tasks in this role. Specific vision abilities required by this job include close and distance vision and the ability to adjust focus. Ability to travel on short notice.
Salary Transparency
The salary range for this position takes into account a wide range of factors including education, experience, knowledge, skills, geography, and abilities of the candidate, in addition to internal equity and alignment with market data. At QuidelOrtho, it is not typical for an individual to be hired at or near the top range for their role and compensation decisions are dependent on the facts and circumstances of each case. The salary range for this position is $95,000 - $110,000. QuidelOrtho offers a comprehensive benefits package including medical, dental, vision, life, and disability insurance, along with a 401(k) plan, employee assistance program, Employee Stock Purchase Plan, paid time off (including sick time), and paid Holidays. All benefits are non-contractual, and QuidelOrtho may amend, terminate, or enhance the benefits provided, as it deems appropriate.
Equal Opportunity
QuidelOrtho believes in Equal Opportunity for all and is committed to ensuring all individuals, including individuals with disabilities, have an opportunity to apply for those positions that they are interested in and qualify for without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. QuidelOrtho is also committed to providing reasonable accommodations to qualified individuals so that an individual can perform the duties. If you are interested in applying for an employment opportunity and require special assistance or an accommodation to apply due to a disability, please contact us at recruiting@quidelortho.com.