Security Engineer with Vulnerability Management

Role: Security Engineer - Vulnerability Management

Location: Mountain View CA (100% Onsite)

Contract

Job Summary:

We are looking for a passionate, innovative, and motivated Security Engineer to provide technical leadership for the Vulnerability Management Program. As a Security Engineer will be responsible for identifying, analyzing, and mitigating security vulnerabilities in our systems. This role requires a deep understanding of security vulnerabilities, OWASP, and automation. The ideal candidate will have experience working with product development teams to mitigate vulnerabilities and generate automated metrics. Here's the fun part: the projects span the entirety . That means you'll work closely with product teams, industry experts, security partners, and our leadership across our entire portfolio of apps and services.

Responsibilities:

• Identify, analyze, and prioritize security vulnerabilities in our systems.
• Develop and implement strategies for vulnerability management and remediation.
• Work with a team of software and security engineers that design, build, and own software solutions that scale high fidelity vulnerability contextualization and tracking.
• Implement automation to improve our operational efficiency and to streamline vulnerability management processes.
• Dive into large datasets to identify strategic opportunities for security posture improvement.
• Perform vulnerability and impact assessments/analysis to determine the real impact to our systems and applications by incorporating threat intelligence and environmental factors.
• Generate automated metrics to track vulnerability management progress.
• Triage security vulnerabilities and provide recommendations for mitigation.
• Stay up-to-date with the latest security vulnerabilities and countermeasures.
• Conduct regular security audits to ensure the system is protected.
• Develop and maintain documentation related to vulnerability management processes and decisions.

Preferred Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 3 years of experience in identifying security issues and risks, and developing mitigation plans or with vulnerability management programs.
• 5 years of experience in network, system, or software architecture, design, implementation, support, and evaluation of security-focused tools and services
• Proficiency with at least one scripting or coding language (Python, Java, Ruby, Node).
• Proficiency in Data Analytics, Tableau, Qlik Sense, SQL and AWS
• Proven experience as a data analytics, security engineer or similar role.
• Experience with JIRA, ServiceNow and Salesforce is a plus.
• Strong knowledge of OWASP, SANS 25 and security vulnerabilities.
• Understanding of cloud and containers infrastructure i.e. Amazon Web Service (AWS), Google Cloud Platform (Google Cloud Platform), Docker, Kubernetes.
• Experience with Confluence, JIRA, Service Now.
• Experience influencing software engineers to build products meant to scale security solutions.
• Experience generating automated metrics to measure service and program effectiveness and consistency.
• Excellent communication and presentation skills with the ability to communicate complex security concepts to technical and non-technical stakeholders.
• Strong analytical and problem-solving skills with the ability to identify and prioritize vulnerabilities based on risk.
• Relevant professional certifications such as CISSP, CISM, or CEH would be a plus.
• This is mandatory work from office (Mountain View CA).

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.