Information Security Engineer

• Conduct vulnerability assessments and policy compliance scanning using tools like Qualys across on-prem, cloud, container environments, databases, web services, and infrastructure.
• Validate scan results, eliminate false positives, and produce accurate, high-quality vulnerability reports.
• Act as technical SME to analyze findings, trace root causes, and recommend sustainable remediations to support teams.
• Maintain and share a knowledge base for vulnerability management, ensuring team-wide expertise.
• Research emerging vulnerabilities, trends, and improvements in the vulnerability management lifecycle.
• Communicate security policies, procedures, and compliance requirements clearly across all organizational levels.
• Provide leadership support by stepping in for the team lead when needed.

• 6+ years in information security
• Degree in Engineering, Computer Science, or related field.
• Industry certifications are a plus (e.g., CISSP, CISA, CISM, CRISC, CCNA/CCNP Security, CCIE).

• Expert in vulnerability scanning and compliance tools (e.g., Qualys).
• Skilled in assessing on-prem, cloud, container (Docker, Kubernetes), databases, and application stacks.
• Experience with security infrastructure: firewalls, routers, switches, load balancers, proxies.
• Strong analytical capabilities for root-cause analysis and risk assessment.

• Able to guide remediation efforts and influence infrastructure/application teams.
• Exceptional written and verbal communication, capable of clear reporting and policy articulation.
• Strong organizational, time-management, and team mentorship skills.

• Proactive learner, adaptable to evolving threats and technologies.
• Hands-on risk assessment and threat modeling expertise.
• Ready to take on ad-hoc duties and support team leadership as needed.

Epergne Solutions