Sr. Security Engineer (whitebox assessments)

Position: Sr. Security Engineer Location: Tempe, AZ or Tampa, FL - Hybrid Duration: 6 months Compensation: $65.00 - $72.00/hr. Work Requirement: US Citizen, GC Holder, or Authorized to work in U.S Job Summary: Perform Whitebox assessment for high risk in-house developed applications (projects and annual MPT engagements) Create custom tool(s) and/or modify existing tool(s) to aid with vulnerability detection automation process Communicate and work closely with application managers and lead developers across business lines on security finding(s) to ensure their understanding of associated risks and actions needed to remediate those risks Taking the lead in identifying, and evaluating application security issues as they arise and coordinating with key stakeholder(s) to ensure that issues are mitigated and/or remediated in a timely basis Continually research on new exploitation/attack techniques against technology stack(s) currently being used at the organization Job Requirements: Responsible for participating with the Information Security team to plan, develop, and execute vulnerability and policy compliance assessments. Configures enterprise vulnerability assessment tools, performs internal/external scans, analyzes detected vulnerabilities, identifies the relevant threats and eliminates false positives through manual validation. Generates reports on assessment findings and summarizes them to facilitate remediation tasks for other operational teams. Will create and updates procedures for the vulnerability and compliance assessment process, including procedures on using the assessment tool (Qualys). Work with operation teams and stakeholders on building the asset inventory and grouping. Review and update security standards. Will create and maintain compliance controls based on company security standards. Skills required are current or previous experience with vulnerability and compliance process and assessment using Qualys, administration preferred. Recent hands on experience with QualysGuard Policy Compliance product and building customized controls. Solid working experience and knowledge of nix operating systems (admin skill in Linux/AIX a plus). Knowledge of Windows networking, windows domains and active directory, GPOs and end-point security. Performed system hardening based on security standards. Ability to perform threat, vulnerability and risk assessments against environment. Experience in preparing reports and metrics on the status of completed assessments, progress of remediation actions and performance of the assessment tools. Knowledge in industry and government security standards (NIST, CIS, etc.). Familiarity with standard security best practices and vulnerability management processes including compliance reporting. Excellent verbal and written communication skills, as well as organization and presentation skills. 6-7 years of experience. Our benefits package includes: Comprehensive medical benefits Competitive pay, 401(k) Retirement plan and much more About INSPYR Solutions: As a leading information technology partner, we connect top IT talent with our clients to provide innovative business solutions through our IT Staffing, Professional Services, and Infrastructure Solutions divisions. We understand and value the unique needs of highly-skilled information technology professionals in the industry and always strive to stay above the curve. Our company was founded on the following core values: Be the Best, Understand the Urgency, Never Ever Give Up, Have the Courage to Excel, and Make a Contribution. We take pride in our business model and strive to create a positive workplace environment through an exemplary culture. INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.