Security Engineer, Infosec Operations
About Us
Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers. Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE!!
Position Overview:
We're seeking a proactive and technically adept Security Engineer to contribute to our vulnerability management program and actively participate in autonomous penetration testing initiatives. In this role, you'll drive vulnerability assessments, including scanning and penetration testing, while effectively communicating findings and remediation strategies to diverse stakeholders. You'll also play a key role in managing and enhancing our security awareness programs to empower users against evolving threats. This role demands a combination of hands-on technical skills, analytical capabilities, and strong communication to ensure our clients' environments remain secure.
Primary Responsibilities
Drive vulnerability scanning activities using industry-standard tools.
Assist with autonomous penetration testing initiatives
Analyze scanning outputs and make informed decisions on vulnerability severity and prioritization
Collaborate with internal support teams and clients to clearly articulate vulnerability remediation needs, tailoring explanations to both technical and non-technical stakeholders, including direct communication with customers
Distinguish between project-level remediation and issues covered by support offerings.
Open and track assignment tickets to ensure timely resolution
Manage and configure security awareness training and phishing campaigns for our customers, proactively identifying areas for improvement and innovation to drive continuous program enhancement
Customize reports to align with client reporting needs and requirements
Creation and ongoing upkeep of materials documenting our security processes, procedures, and technologies, along with the generation of automated reports for relevant stakeholders
Stay informed about the latest security events and techniques to proactively address emerging threats
Contribute to the creation and updating of client security presentations.
Other duties as required
Qualifications
Bachelor's degree in Cybersecurity, Computer Science, or a related field is preferred
Relevant cybersecurity certifications (e.g., CISSP, OSCP, Security+, GIAC and Azure certifications) are a plus
Proven experience in vulnerability management, including scanning, analysis, and remediation.
Hands-on experience with systems and network/firewall administration
Experience with Active Directory administration
Experience with SIEM and EDR technologies
Heavy experience with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.)
Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions
Knowledge of risk assessment tools, technologies, and methods
Demonstrated understanding of cybersecurity threats and incident response procedures.
Proficiency in developing and automating client-facing reports
Excellent written and verbal communication skills for both technical and non-technical audiences
Must be able to work effectively in a team environment and collaborate within the team and other stakeholders
Demonstrate comprehension of good security practices
Knowledge of programming languages
Passion for cybersecurity and continuous learning