Information Security Engineer, Vulnerability Management and Operation
We are seeking an exceptional Security Engineer to support vulnerability management program. This is a technical, operation-oriented and hands-on role in a dynamic and fast-paced environment.
You'll be working with various applications and systems to manage vulnerabilities, to follow up with different teams, to drive remediation, and also to improve our current processes.
DESCRIPTION
- You will join a team that passionately stays up to date on emerging security vulnerabilities and threats, keeps a cool head in crisis, and advocates every day for improving the security of products and services.
- You will need to have a good technical background, and a high interest in network, system, and web security.
- The role also requires excellent communication skills to effectively collaborate with diverse teams. Specific responsibilities include:
- Work cross-functionally with different teams to identify and assess vulnerabilities, and guide them through the full remediation lifecycle with a focus on timely resolution and outcome-driven communication.
- Utilize programming to analyse big data dump related to systems and applications to extract key information for vulnerability impact analysis.
KEY QUALIFICATIONS
- BS in Computer Science, Information Technology, Information Security, or related field
- 3 years' experience in information security or related field
- Self-Starter with flexibility of working remotely and supporting a global team
- Ability to track and lead numerous activities concurrently
- Passionate about keeping our customers data safe
- In-depth understanding of vulnerability scanning tools like Tenable, Qualys, etc
- Familiarity with common security vulnerabilities and the ability to judge their severity and impact to the business
- Ability to analyze vulnerabilities and understand criticality to provide remediation guidance
- Ability to communicate, support and drive remediation for identified vulnerabilities independently
- Driven to automate and improve continuously
- Ability to run proof of concept for known vulnerabilities
- Demonstrable understanding of IPv4 and IPV6 networks
- Familiar with one or more of the following programming: Python, Go, Rust, and/or Bash scripting
- Excellent critical thinking skills
- Ability to solve logic/algorithmic problems
- Experience with SQL and Linux
- Experience with penetration testing
- Knowledge of the security research community
