We look for the risk-takers , the collaborators , the inspired and the inspirational. We want the people who are brave enough to work at the cutting edge and create solutions that will enrich and improve the lives of people across the globe. So, if you want to make the world say wow, let's talk.
The conversation starts here. If this role matches your ambitions and skillset, let's get started with your application. Take a look at our other open positions too. Our many opportunities can lead to infinite possibilities.
** Responsibilities**
Serve as a Security Vulnerability Research Engineer who identifies threats and vulnerabilities, conducts research and analysis and validates issues to provide meaningful reports and relevant information to Global SIE organizations.
Facilitate work efforts related to vulnerability scanning appliance deployment, maintenance and patch management, and security operations across Global SIE teams in support of the Global Vulnerability Management Framework.
Use security, networking, and automation tools to enable early identification of threats to provide evidence-based security situational awareness, improved decision-making, and allow for timely threat mitigating actions.
Conduct detailed research and analysis of findings to eliminate false positives, provide mitigation techniques, and to significantly reduce time-to- remediation.
Build and publish remediation prioritization based on research, threat intelligence data as well as confidentiality, integrity, and availability requirements of SIE systems.
Facilitate implementation of security configurations and hardening settings for networks, operating systems, applications, databases, and other information system components.
Engage with partners, to include engineering and IT professionals, management, and auditors to Communicate security and compliance issues and ensure remediation.
Recommend appropriate remedial actions to mitigate risks and ensure information systems employ appropriate level of information security controls.
Perform continuous security validation testing for SIE network, cloud, and endpoint environments to provide improved visibility to our overall security posture.
Research and characterize risks to networks, operating systems, containers, applications, databases, and other information system components to facilitate implementation of configurations and hardening settings for these environments.
Provide remediation support to operations and service teams, ensure that vulnerabilities are mitigated or remediated within the timeframes specified in the SIE Global Vulnerability Management Standard.
Support multi-functional team efforts for asset management, tagging, and grouping.
Develop and demonstrate Proof of Concepts for identified vulnerabilities to convey business impact to partners and to distinguish true risk to SIE environments.
Evolve the Vulnerability Management toolsets and reporting to provide better vulnerability insight, create effective communications and meaningful reporting, and to automate vulnerability management-related operations and processes.
Find opportunities to improve asset inventories and better enrich vulnerability data. Conduct ongoing research to help validate completeness or identify “gaps”.
Collaborate with DevOps teams to improve security tool integration into CICD pipelines.
Ensure that documentation, data, assessment information, and Vulnerability Management program information are kept up to date.
Mentor, train, and assist personnel in the execution and use of new technologies, processes, and services.
Some travel may be required.