Job Description
The Company
Serving the People Who Serve the People
Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and its constituents together. We are on a mission to support our customers with meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn.
Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more than 300 million citizen subscribers power an unmatched Subscriber Network that use our digital solutions to make the world a better place. With comprehensive cloud-based solutions for communications, government website design, meeting and agenda management software, records management, and digital services, Granicus empowers stronger relationships between government and residents across the U.S., U.K., Australia, New Zealand, and Canada. By simplifying interactions with residents, while disseminating critical information, Granicus brings governments closer to the people they serve—driving meaningful change for communities around the globe.
Want to know more? See more of what we do here.
What you will be doing:
Manage and improve the operations of existing security tools, including Vulnerability Management, Threat Intelligence, end Endpoint Detection and ResponseRun vulnerability (SAST) and application (DAST) scans accurately and on a timely basisWork with Compliance colleagues to accurately document and track vulnerabilities and remediationManage the lifecycle of organizational security toolsHelp technical teams determine application risks related to privileged access on endpointsWork with cross functional teams as a security representative during incidentsReview proposed changes for potential security issuesParticipate in an on-call rotation to ensure 24x7 escalation support for incidentsEnsure the confidentiality, integrity, and availability of information assetsSome things we’d like you to know (you don’t have to have them all):A passion to figure out the who, what, when, and why of a situationAn attention to detail to ensure the vulnerability management operations are run accuratelyDirect experience in the specific technical areas of systems administration, application development, database administration, network operations, or data center operationsThe ability to continuously learn new methods and technologies and identify gaps that should be addressedExperience in a common scripting language like Python, Powershell, etcRunning a vulnerability management process using common technologies like NessusUnderstanding of Infrastructure as a Service (IaaS) cloud platforms, such as IAM, compute (EC2), networking (VPC, Load Balancers), serverless (Lamda), and Containers (EKS), in order to identify and prioritize potential security challengesFamiliarity with IDS/IPS, SIEM, DLP, firewalls, vulnerability management systems, and endpoint security products, including management and configuration of the toolsAbility to write technical Standard Operating Procedures (SOPs) and train team members
