Information Security Threat AND Vulnerability

Information Security Engineer The position will work closely with other Information Security Engineers and IT functions to ensure appropriate controls are in place, and to ensure that security policies are being effectively employed. Responsible for running and growing the Threat & Vulnerability Management program. Leads and coordinates stakeholder meetings with affected stakeholders as well provides updates to management regarding scanning results and remediation plans. This position can be full time remote and can be done from any location in the US.* Demonstrate Information Security Threat and Vulnerability Management expertise * Responsible for configuring vulnerability assessment tools, as well as performing scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results * Coordinate scanning activities with cross functional teams and work collaboratively with all levels of the business * Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities within SLAs * Approaches for addressing vulnerabilities include system patching, deployment of specialized controls, standards or infrastructure changes, and/or changes in development processes. Identify and resolve any false positive findings in assessment results * Develop and publish advanced reports based on KPIs that drive reduction in the risk to the business and are tailored to the risk of each vertical * Produce metrics and reporting on the state of system security, threat, vulnerability and patch management * Oversee Remediation Activities: * Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams. * Recommend appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions. * Validate remediation by reviewing application updates or deployed mitigations to verify resolution. Keywords: Education: * BS in Computer Science or equivalent with 7+ years of technical or security training experience. * Technical network (e.g. CCNA, CCNP Security) and security certifications highly desirable (e.g. CISA, CISSP, GCIH). * Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security). * Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, Threat and vulnerability management. * Experience with industry standard vulnerability scanners, vulnerability management systems, patch management and host-based security systems. * Project Management skill is a plus Equinix is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disability.