Sr. Vulnerability Assessor

Company Introduction

Coupang is reimagining the shopping experience with the goal of wowing each customer from the instant they open the Coupang app to the moment an order is delivered to their door.
Powered by an outstanding end-to-end e-commerce and logistics network and a fanatical culture of customer centricity, Coupang has broken tradeoffs around speed, selection and price. Today, we provide exceedingly fast shipping speeds on millions of items including fresh groceries, delivered within hours nationwide, 365 days a year.
We are doing this for millions of consumers in Korea. Korea is home to one of the largest and fastest growing e-commerce opportunities anywhere in the world.

Key Responsibilities: 

• Ensure automated security vulnerability is run periodically in line with policies, standards across IT Infrastructure, endpoints, on-premises, public cloud environments, and 3rd party packages and libraries. 

•  Identify critical exploitable known CVE security vulnerabilities on a daily basis. 

• Contextualize identified security vulnerability in systems. 

• Perform risk assessment on affected assets. 

• Prioritize identified security vulnerabilities using Coupang bug bar programs.   

• Notify engineers and security architects of the identified security vulnerability by issuing tickets in accordance with security policy, standard, and guidelines. 

• Improve methodology, processes, infrastructure, and tools to enhance security vulnerability assessment capability. 

• Maintain knowledge of security vulnerabilities being exploited by threat actors in the wild.   

• Improve and maintain existing security vulnerability management program. 

Qualifications: 

• Experience with network-based and cloud-native security vulnerability scanning and patching. 

• Knowledge of operating systems, network, cloud environments, and application security. 

• Good knowledge of and experience on CVE, CVSS and other vulnerability scoring systems. 

• Good written and verbal communication skills. 

Preferred Qualifications: 

• Working experience in operating Tenable Nessus scanner and CIS Benchmarks. 

• Good understanding of Jira automation rules and computer programming languages. 

• Fluent in both English and Korean.