Senior Security Engineer, Threat and Vulnerability Management Team - US Remote Option

We are looking for an experienced, Senior Vulnerability Management Engineer who can navigate complex threat scenarios and remain committed to decreasing the overall attack surface of the company. Enterprise Vulnerability Management remains a top priority at Guidewire, and you will be responsible for implementing and managing enterprise vulnerability tools and processes in a cloud environment, to reduce technical risks due to vulnerabilities. This includes identifying and evaluating vulnerabilities and supporting remediation activities.

Responsibilities

• Managing the end-to-end infrastructure vulnerability management life cycle from discovery to closure.
• Prepare vulnerability data and develop comprehensive, accurate reports to both technical and executive audiences.
• Producing vulnerability, configuration, and coverage reporting to demonstrate assessment coverage and remediation effectiveness
• Review all applicable threats, discover vulnerabilities and collaborate with remediation treatment owners to prioritize, provide context and remediate identified vulnerabilities.
• Serving as an escalation point on issues, dependencies, and risks related to infrastructure vulnerability scanning
• Ensure knowledge creation around vulnerability management process, common vulnerabilities within the landscape and corresponding remediation practices.
• Research the latest security best practices and technologies, staying on top of new threats and vulnerabilities to create threat briefs and provide timely assessment reports to key stakeholders.
• Supporting compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks.

Requirements

• Prior experience with managing and configuring any vulnerability management tool such as Rapid 7, Tenable, Qualys, etc.
• Persuasive mindset with strong relationship management skills to work with various stakeholders proactively on vulnerability assessment and remediation
• Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments)
• Hands on experience handling vulnerability management operations for cloud workloads at scale in AWS/Azure
• Ability to conduct thorough analysis, automate redundant process and recommend data driven actions
• Results-oriented, high energy, self-motivated and love for a team environment.
Good to have:
• Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl, Python, PowerShell or Bash.
• Certifications from SANS, Offensive Security, ISC2, AWS is a plus.

About GuidewireGuidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 450 insurers, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.
Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
Disability Accommodations and Guidewire’s Appeals Process. Guidewire provides accommodations to the hiring process to create a fair opportunity for candidates with disabilities to contend for open positions. Accommodation requests should be directed to (650) 356-4940 or Accommodations@guidewire.com. If things do not go as hoped, we invite you to use our appeals process. Guidewire promises to independently review any denied accommodation and any decision not to offer you the position. The appeals process is the same in either case. Within five business days of receiving a notice of denial of an accommodation, or receiving a notice of your non-selection for a vacancy, call (650) 356-4940 or e-mail Accommodations@guidewire.com to make an appeal. Guidewire will assign a new decision-maker to review the request and/or hiring decision, who will then notify you in writing of a decision within 10 business days.