Required: Tenable Nessus Engineers
IR35 Status: Inside
Duration: 12 month initial contract
Location: 1-2 days onsite in either Central London or Knutsford
Role 1
As an experienced Vulnerability Assessment Engineer responsible for maintaining the Vulnerability Assessment toolsets and products.
Primary Responsibilities
The ability to review requirements, undertake product design followed by Implementation/deployment/support of Vulnerability Assessment tools suite (e.g Tenable, Rapid7, Qualys etc) and peripherals with Engineering.
Maintains local and network credentials and provisions access to vulnerability scanning systems.
Responsible for integration of Vulnerability assessment tooling with other security and IT systems management tools (i.e. Splunk, ServiceNow)
Responsible for developing and maintaining standard processes and operating procedures, creating technical architecture diagrams and system build documentation.
Responsible for operating the scanning tools and maintaining coverage along with supporting the vulnerability management and remediation teams in understating how to remediate vulnerabilities (i.e. laptops, VMs, wireless devices)
Works with vulnerability management team to build asset repositories and asset scan policies
Work closely with customer delivery managers to prioritize daily tasks and participate in technical meetings with customers' technical specialists.
Provide Tier 2/3 support for incidents relating to security tools/solutions.
Continuously improve customers' security deployments and integrate new technologies and services.
Technical Skills & Competencies
5+ years of experience in Vulnerability management domain and experience with working with web Proxy teams and working on vulnerability assessment operational issues
2+ years of experience with performing systems administration in Windows, Linux, VMware environments, including performing troubleshooting, installation or configuration, monitoring system performance or availability, and performing security upgrades
Must have strong communication skills and a solid understanding of IT Security concepts to include vulnerability & patch management, security operations, Incident Management and Incident response.
Experience with integrating Cybersecurity data using enterprise or custom tools data aggregation and analysis tools, including Splunk
Ability to provide support in an IT operations and maintenance, including ticket work information updates, issue response, and remediation by understanding and analysing vulnerability scan results, system audits, log events and troubleshoot software issues.
Strong knowledge and experience with log monitoring and correlations and correlating events from multiple security tools like log correlation engines, Net flow, host monitoring solutions
Excellent troubleshooting/problem solving skills.
Experience of dealing with incident, problem and change management processes.
Proven working experience of Windows and Linux operating systems.
Solid understanding of networking technologies; switches, routers, firewalls, proxies, IDS, IPS.
Role 2
As an experienced Nessus Engineer responsible for maintaining the tool and the remediation of vulnerabilities across the bank.
Primary Responsibilities:
Installing and Configuring Nessus, Nessus Manager, Nessus Agents, Log Correlation Engine, Nessus Network Monitor, and Security Center on both Linux/Unix and Windows based environments
Responsible for installing and configuring Nessus Agents
Secure Tenable server an Enable SSL
Integrating Tenable products with LDAP, Active Directory, and CyberArk.
Responsible for the creation of tenable Organizations, Repositories, and Scan Zones.
Responsible for local and LDAP based user management.
Responsible for configuring tenable plugins/feeds and adding audit files
Responsible for licensing the product both online and offline.
Responsible for adding scan policies, audit policies, and credentials to Security Center, and Nessus Manager.
Responsible for configuring Nessus Manager scan pulls to Security Center
Responsible for importing and adding dashboards
Tenable-Nessus Security Analyst
Responsible for defining scan policies and audit policies
Responsible for adding scan credentials
Responsible for Scheduling scans
Responsible for Generating Scan Reports
Responsible for the Analysis and validation of the scan results.
Responsible the Monitoring the dashboards.
Responsible for defining and configuring dashboards
Technical Skills & Competencies::
5+ years of experience in Vulnerability management domain and experience with working with web Proxy teams and working on vulnerability assessment operational issues
Experience in the design and implementation of enterprise-wide security controls to secure systems, applications, network, or infrastructure services
Hands-on experience with security tools and devices such as network firewalls, web proxy, intrusion prevention system, vulnerability scanner, and penetration testing tools.
Demonstrated understanding of TCP/IP networking concepts and DNS.
3+ years of related Identity Management tools engineering experience, including installing, configuring and troubleshooting experience with one or more of these tools:
CyberArk
Splunk
Tenable-Nessus
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
