Staff Engineer Information Security Threat and Vulnerability Management (TVM)

Equinix is the world’s digital infrastructure company, operating 200+ data centers across the globe and providing interconnections to all the key clouds and networks. Businesses need one place to simplify and bring together fragmented, complex infrastructure that spans private and public cloud environments. Our global platform allows customers to place infrastructure wherever they need it and connect it to everything they need to succeed.

We are a fast-growing global company with 70+ consecutive quarters of growth. Through our innovative portfolio of high-performance products and services, we have created the largest, most active global ecosystem of nearly 10,000 companies, including 1,800+ networks and 2,900+ cloud and IT service providers in over 26 countries spanning five continents.  

A career at Equinix means you will collaborate on work that impacts the world and be surrounded by endless opportunities to learn new skills and grow in varied directions. We embrace diversity in thought and contribution and are committed to providing an equitable work environment that is foundational to our core values as a company and is vital to our success. 

Job Summary: The position will work closely with other Information Security staff and IT functions to ensure the success of the Vulnerability Management program. Responsible for daily contribution to the Threat & Vulnerability Management charter and goals.
 
Responsibilities

• Demonstrate Information Security Threat and Vulnerability Management expertise.




• Assist in configuring vulnerability assessment tools, as well as performing scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results. 




• Coordinate scanning activities with cross functional teams and work collaboratively with all levels of the business.




• Analyze penetration test results and engage with technology partners and business units to resolve identified vulnerabilities within SLAs.




• Communicate scanning results and remediation plans to stakeholders.




• Provide guidance for addressing vulnerabilities, which could include system patching, deployment of specialized controls, standards, or infrastructure changes, and/or changes in development processes. Identify and resolve any false positive findings in assessment results .




• Produce metrics and reporting on the state of system security, threats, vulnerabilities, and patch management. 




• Interact with multiple global teams (security architecture, penetration testing, application development, Risk Officers, etc.).




• Monitor Remediation Activities.




• Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams. 




• Validate remediation by reviewing application updates or deployed mitigations to verify resolution. 




• Assist in maintaining TVM tools / platforms.




• Maintain knowledge of the threat landscape.

Qualifications

• 3+ years of experience.




• Certification in SANS (GPEN), SANS (GCIH) and SANS (GCED) preferred.




• BS in Computer Science or equivalent.




• Technical network (e.g. CCNA, CCNP Security) and security certifications highly desirable (e.g. CISA, CISSP, GCIH).




• Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).




• Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, and vulnerability management.




• Experience with vulnerability scanners, vulnerability management systems, patch management and host-based security systems.




• Knowledge of vulnerability scoring systems (CVSS/CMSS).




• Experience with Industrial Control Systems (ICS) from the vulnerability exposure and remediation perspective.




• Must possess excellent verbal and written communication skills.




• Ability to learn new technologies.

We offer Medical, TeleMedicine, Dental, Vision, Life and AD&D insurance, 401K, Leave of absence & disability benefits, paid time off & holidays and more.

In accordance with Colorado State Law (https://leg.colorado.gov/bills/sb19-085) the salary range for Colorado for this role is $96K to $130K per Year with 15% bonus target.

Equinix is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disabilities.