Threat and Vulnerability Manager

ESSENTIAL DUTIES AND RESPONSIBILITES

•  Deploy, configure and manage infrastructure vulnerability management products, tools and solutions to help augment security threat monitoring, detection, prevention and compliance as part of Guidewire’s cloud security architecture (Rapid 7, Qualys, Nessus, Risk Based Scanning Tools)
•  Work with Cloud Operations, IT and product teams to perform POCs and track deployments for initiatives and/or changes in the Guidewire’s public cloud environment
•  Responsible for the vulnerability management program that includes periodic scanning, reporting, and tracking remediation of the security vulnerabilities discovered in AWS and data center assets
•  Develop and enforce cloud security standards in AWS including IAM policies, security groups, S3 bucket policies, encryption, network security, cloud workload and container security, logging, monitoring etc.
•  Any experience (technology or non-technology) related to managing a team or people would be desirable since this role will be helping build a program and team
•  Willingness to be on call and serve as the point of contact for information security alerts and incidents 

REQUIREMENTS

•  5+ years of previous experience working in security operations, administration, threat and vulnerability management – experience with automation and familiarity with “Infrastructure as Code” in the public cloud
•  Minimum 5 years of experience deploying, testing and configuring multiple security technologies including Vulnerability Scanners, AWS Cloud Security platform tools. He/she should be able to share some of the success and failure stories they have had to go through in the past around build an effective vulnerability management program
•  Thorough knowledge of the TCP / IP protocol suite, securing and hardening Operating Systems, Networks, Databases and Web Applications Information
•  Hands on experience in running vulnerability scans, analyzing and tracking vulnerabilities with asset owners for timely remediation
•  Basic hands-on experience with a public Cloud platform (AWS, Azure, GCP) with understanding/working knowledge of IaaS platforms and services (i.e., VPC, EC2, S3, RDS, Lambda, AWS WAF, CloudFront, ECS, Flow Logs etc.) is required
•  Experience developing and maintaining hardening and configuration standards and procedures
•  Security certifications like CISSP, GSEC, CEH, AWS certification etc. are highly desired
•  Familiarity with industry common information technology control frameworks, particularly SOC1/2, Cloud Security Alliance, and ISO 27001/2.
•  Excellent verbal and written communication skills and ability to document and explain technical details, standards and reports clearly and concisely
•  B.S. degree in Computer Science or related field or equivalent combination of professional development training and experience