Senior Information Security Engineer

• Lead vulnerability assessments and policy compliance scans across on prem, cloud, container (Docker/Kubernetes), database, and web environments using tools like Qualys.
• Validate scan results, eliminate false positives, and deliver accurate, actionable reports to stakeholders.
• Serve as technical SME: analyze findings, diagnose root causes, and guide remediation efforts.
• Develop and maintain a knowledge base to support continuous improvement and team expertise.
• Stay current on emerging threats, tools, and VM lifecycle advancements; recommend service enhancements.
• Communicate security requirements effectively across the organization and step in as interim team lead when necessary.

• 8+ years in information security
• Bachelor s in Engineering, CS, IT, or equivalent.
• Industry certifications preferred: CISSP, CISA, CISM, CRISC, CCNA/CCNP/CCIE Security.

• Proficient with vulnerability scanning platforms (Qualys, Nessus, etc.), false-positive tuning, and compliance frameworks.
• Experience across cloud, on prem systems, network devices (routers, firewalls, proxies), and infrastructure components.
• Skilled in risk/threat assessment and security policy enforcement.
• Familiar with containers, DDI (DNS/DHCP/IPAM), WAF/CDN/DDOS solutions (e.g., Infoblox, Zscaler, Imperva).
• Advantageous: scripting (Python), and use of monitoring tools like Spectrum, SevOne, ThousandEyes, CyberArk, MS Entra ID.

• Excellent analytical, communication, and report-writing abilities.
• Strong organizational and time-management skills.
• Demonstrated leadership: capable of guiding teams, managing escalations, and fostering security culture.
• Adaptable self-starter with a commitment to continuous learning and proactive problem solving.

Epergne Solutions