Security Engineer, Vulnerability Management
Belmont
Full Time USD 100K - 150K
RingCentral
Experience Intelligent Phone, Meetings, Contact Center, and AI Solutions with RingCentral, the complete cloud communications platform. Schedule a call today.Security Engineer, Vulnerability Management: (Belmont CA, Denver CO, Dallas TX)
RingCentral is the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device.
As part of the RingCentral CISO team, you’ll help define and drive security discipline and standards required for complex, business-critical problems supported with elegant, user-friendly solutions that perform at massive scale. It’s a once-in-a-career chance to get your hands on the latest-and-greatest technologies, and build the platform that’s reshaping the way the world communicates.
About this role:
As a Security Engineer, Vulnerability Management at RingCentral, your primary responsibilities will be to perform vulnerability scans of our systems and networks, and monitor, triage and track remediation of vulnerabilities. In addition you'll be developing automation for these tasks. This role is a hybrid role, to be based at our Belmont CA, Denver CO, or Dallas TX offices.
Primary Duties:
⦁ Maintain Vulnerability Management process
⦁ Perform vulnerability scans using different tools/methods
⦁ Prioritize findings and assign them to system/service owners
⦁ Monitor for, triage and track remediation of vulnerabilities in our systems and networks
⦁ Conduct risk-based evaluation of policy exception requests
⦁ Develop automatization for all steps above
⦁ Develop visualization of current VM state
⦁ Participate in and assist with audits of information security program (FedRAMP, SOX, GDPR, SOC2, HITRUST)
⦁ Act as a member of the information security policy review committee
Additional Roles and Responsibilities:
⦁ Conduct routine log review of information security events, investigating and responding as necessary
⦁ Maintain and enhance monitoring capabilities to ensure the integrity of our systems and networks
⦁ Act as a member of the Incident Response Team, triaging, responding to and reporting incidents and associated metrics
⦁ Administer and maintain security products (phishing training, vulnerability management, web application firewall, SIEM, IDS, (h)IPS, EDR, etc)
⦁ Participate in on-call rotation
⦁ Maintain a comprehensive understanding of our information systems
⦁ Work closely with the multiple operation teams to implement and enforce our policy
⦁ Coordinate and participate in external assessments of our information security (risk assessment, penetration test, incident response tabletop)
Required Skills:
⦁ Experience operating vulnerability scanning tools (Qualys, Nessus, etc)
⦁ Familiarity with vulnerability management concepts, such as CVE and CVSS
⦁ Familiarity with hardening standards and benchmarks (CIS, STIG, etc)
⦁ Strong knowledge of endpoint and server operating systems (e.g. Windows, macOS, Linux) and relevant security risks, controls, and vulnerabilities
⦁ Strong knowledge of network and network security fundamentals
⦁ Familiarity with enterprise security tools (antivirus, firewalls, email monitoring, two-factor authentication, SIEM, IDS/IPS, etc.)
⦁ Familiarity with AWS environments and AWS security tools
⦁ Knowledge of and experience with compliance/remediation efforts of relevant domestic and international security standards and best practices such as FedRAMP, SOX, SOC2, NIST, GDPR and HIPAA
⦁ Familiarity with cloud computing environments and applications in a security context strongly preferred
⦁ Ability to quickly change priorities and handle simultaneous tasks
⦁ Excellent oral and written communications
Education / Pre-requisites:
⦁ 3-5 years' experience in an information security field
⦁ US Citizenship required
⦁ BS degree in Computer Science, Cyber Security, Information Technology (or related discipline); Graduate degree in Information Assurance (or related discipline) or equivalent formal training and experience in Information Security
⦁ CISSP or GIAC certifications preferred
What we offer:
RingCentral offers all the work/life benefits you could ever want, (and none of the micromanagement.)
⦁ Comprehensive medical, dental, vision, disability, life insurance
⦁ Health Savings Account (HSA), Flexible Spending Account (FSAs) and Commuter Benefits
⦁ 401K match and ESPP
⦁ Flexible PTO
⦁ Wellness programs including1:1 wellness coaching through TaskHuman and meditation guidance through Headspace
⦁ Paid parental leave and new parent gift boxes
⦁ Pet insurance
⦁ Employee Assistance Program (EAP) with counseling sessions available 24/7
⦁ Rocket Lawyer services that provide legal advice, document creation and estate planning
⦁ Employee bonus referral program
RingCentral’s work culture is the backbone of our success. And don’t just take our word for it: we are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location. Bottom line: We are committed to hiring and retaining great people because we know you power our success.
About RingCentral:
RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone™ (MVP™) global platform. More flexible and cost effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral® empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location.
RingCentral is headquartered in Belmont, California, and has offices around the world. If you are hired in Colorado, the compensation range for this position is between $100,000 and $130,000. If you are hired in Belmont, the compensation range for this position is between $120,000 and $150,000.
RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We are committed to providing reasonable accommodations for individuals with disabilities during our application and interview process. If you require such accommodations, please click on the following link to learn more about how we can assist you.
Tags: Antivirus Audits Automation AWS CISO CISSP Cloud Compliance Computer Science CVSS EDR FedRAMP Firewalls GDPR GIAC HIPAA HITRUST IDS Incident response IPS Linux MacOS Monitoring Nessus Network security NIST Qualys Risk assessment SIEM SOC 2 SOX Vulnerabilities Vulnerability management Vulnerability scans Windows
Perks/benefits: 401(k) matching Career development Flexible spending account Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs