Security Vulnerability Engineer

Apply Now

Company: Omni Inclusive

Location: Bellevue, WA 98006

Description:

Primary Tasks and Responsibilities:
  • Assist in defining, driving, and delivering key elements of vulnerability management strategy, deriving best practices for vulnerability and exposure analysis across the Company
  • Establish regular and actionable vulnerability reports for review by Leadership and Engineers
  • Collaborate and build relationships across Engineering teams, driving cross-functional alignment to drive clarity relative to vulnerability remediation requirements
  • Establish vulnerability review processes, maintaining professional skepticism when reviewing for false positives and exception requests from Engineering teams
  • Proactively engage Engineering teams to ensure timely remediation of vulnerabilities identified during application security assessments, cloud infrastructure vulnerability scans, and manual application security tests
  • Ability to use automation tools to write orchestration playbooks to remediate configuration issues/apply patches, etc.
  • Manage day-to-day operations of vulnerability identification and remediation
  • Be curious about produces services and how cyber risks and vulnerabilities could impact operations
  • Use prior experience to lead, mentor, and coach peers in effectively managing vulnerabilities
  • Maintain current knowledge and understanding of application and infrastructure security best practices to offer the best solutions and protection to Company services
  • Continuously review security and privacy practices
  • Interact with privacy and compliance teams to deliver the Fabric of Trust that will be infused
  • Upkeep of vulnerability management security tooling

Key Qualifications:
  • The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to Computer Science, Information Security and Information Systems
  • 5+ years of experience in managing vulnerabilities at a fast-paced cloud hosted environment
  • Must have prior development experience with Python, .NET, and Java code languages
  • Experience designing and managing a world-class vulnerability management program
  • Excellent written and verbal skills
  • Ability to be a self-starter and motivated to help Engineering teams understand cyber security best practices
  • Advanced knowledge of SAST, DAST, OSS, web-app pen-test, and offensive security assessment tools
  • Experience creating and implementing strategies for complex systems
  • Knowledge and experience with information security controls, infrastructure, and implementation techniques

Preferred Qualifications
  • Experience in improving vulnerability remediation requirements
  • Certifications in Information Security, e.g., GSEC, GCWN, GDSA, CISSP, HCISP, CCSP, CRISC, CISM, Security+, or other security relevant accreditations
  • Offensive Security certifications are a plus, e.g., GCIH, GPEN, GXPN, OSCP, OSEE, CEH
  • Experience in delivering product security in one or more public clouds (Azure, AWS, GCP)
  • Experience in securely operating highly distributed systems with published SLAs
  • Experience with supporting engineering compliance, e.g., HIPAA, ISO, SOC2

Similar Jobs