Security Engineering - Vulnerability Management Engineer
Lisbon, Lisboa, Portugal
Talkdesk
Talkdesk is a global cloud contact center leader for modern AI-powered customer service that is trusted, flexible, and innovative. Get a demo today.At Talkdesk, we are courageous innovators focused on redefining customer experience, making the impossible possible for companies globally. We champion an inclusive and diverse culture representative of the communities in which we live and serve. And, we give back to our community by volunteering our time, supporting non-profits and minimizing our global footprint. Each day, thousands of employees, customers and partners all over the world trust Talkdesk to deliver a better way to great experiences.
We are recognized as a cloud contact center leader by many of the most influential research organizations, including Gartner and Forrester. With $498 million in total funding, a valuation of more than $10 Billion, and a ranking of #17 on the Forbes Cloud 100 list, now is the time to be part of the Talkdesk legacy to help accelerate our success in a new decade of transformational growth.
At Talkdesk, we are courageous innovators focused on redefining customer experience, making the impossible possible for companies globally. We champion an inclusive and diverse culture representative of the communities in which we live and serve. And, we give back to our community by volunteering our time, supporting non-profits and minimizing our global footprint. Each day, thousands of employees, customers and partners all over the world trust Talkdesk to deliver a better way to great experiences.
We are recognized as a cloud contact center leader by many of the most influential research organizations, including Gartner and Forrester. With $498 million in total funding, a valuation of more than $10 Billion, and a ranking of #17 on the Forbes Cloud 100 list, now is the time to be part of the Talkdesk legacy to help accelerate our success in a new decade of transformational growth.
At Talkdesk, our Engineering team follows a micro-service architecture approach to build the next generation of Talkdesk, with vertical teams responsible for all the decisions under their services. Through our Agile Coaches, we promote agile and collaborative practices, we are huge fans of Scrum, pair programming and we won’t let a single line of code reach production without peer code reviews. We strongly believe that the only true authority stems from knowledge, not from position and we always treat others with respect, deference and patience.
Are you passionate about all things security? As a member of the Engineering Security Team at Talkdesk you will help on the team effort of building a safer Talkdesk.
As a vulnerability management engineer you will be responsible for:
- Review vulnerabilities from multiple sources (pipeline security, internal/external pentest, incidents, etc) and across several technologies;
- Vulnerabilities risk assessment based on the assets profile;
- Communicate the risk to the stakeholders and recommend cost-effective remediations, including timeline commitments;
- Be a subject-matter expert (SME) and collaborate with development teams;
- Perform threat modeling (e.g., using STRIDE);
- Extract periodic reports to monitor the risk trend;
- Provide internal security training for engineering teams;
- Participate in the implementation of several security controls and solutions.
Must have:
- Knowledge in applications and systems security
- Knowledge in distributed computing principles
- Knowledge in cryptographic concepts
- Knowledge of networking and web protocols
- Experience with security tools
- Coding experience in one or more general-purpose languages (e.g., Java, Ruby, Python)
- Understanding of OWASP Top 10 security flaws
- Linux/Unix proficiency
- Excellent written, verbal, and conversational communication skills
- Fluent in English, both verbal and written
- Critical thinking skills and the ability to solve problems as they arise
- Comfortable working in a fast-paced environment
Nice to have:
- Experience with Infrastructure as Code (Terraform and / or Ansible preferred)
- Experience with common infrastructure cloud providers
- Experience with SAST / IAST / DAST tools
- Experience in application architecture security review
- Strong understanding of cybersecurity standards and frameworks, e.g., ISO27001, NIST, CIS, OWASP, SANS
- Certifications such as OSCP, CISM, CISSP, GSEC
The Talkdesk story hinges on empathy and acceptance. It is the shared goal among all Talkdeskers to empower a new kind of customer hero through our innovative software solution, and we firmly believe that the best path to success for our mission is inclusivity, diversity, and genuine acceptance. To that end, we will hire, promote, work along, cheer for, bond with, and warmly welcome into the Talkdesk family all persons without regard to ethnic and racial identity, indigenous heritage, national origin, religion, gender, gender identity, gender expression, sexual orientation, age, disability, marital status, veteran status, genetic information, or any other legally protected status.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Ansible CISM CISSP Cloud DAST GSEC ISO 27001 Java Linux NIST OSCP OWASP Python Risk assessment Ruby SANS SAST Scrum Terraform UNIX Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs