Senior Security Vulnerability Engineer

Job Description

We’re looking for a Senior Security Vulnerability Engineer to join Procore’s Security Strategy & Operations team in the Office of the CSO. In this role, you’ll be a key contributor in developing and operationalizing the Security Vulnerability Management Program. As a Senior Security Vulnerability Engineer, you’ll partner with software and infrastructure engineering to prioritize and mitigate security defects and vulnerabilities across Procore's business and technology environments. 

You will use your knowledge of cloud infrastructure and application vulnerabilities, influencing and communication ability, and knowledge of remediation techniques to prioritize and expedite vulnerability resolution. The person in the position will build and maintain relationships with the security team and the vulnerability owners to negotiate the remediation of flaws in balance with other engineering priorities to remove roadblocks and expedite vulnerability resolution. Senior Security Vulnerability Engineers are key to mitigating security risks at Procore. If you are interested in tangibly reducing threats and seeing the results of your efforts, and if you like to be recognized for your contributions, please apply today to join the team.

This position reports into the Senior Manager of Security Risk & Policy and will be based remotely. We’re looking for someone to join us immediately.

What you’ll do:

• Help to mature the technical risk program, educate the organization about technical risk, and help technical risk owners embrace risk ownership and use risk management in their daily activities
• Contribute to the effort to innovate and automate vulnerability identification, evaluation, notification, and remediation 
• Follow up with teams to make sure remediation requirements are understood & actioned
• Work with Jira boards to document and track remediation activities & create reporting
• Assist vulnerability owners with remedial steps to close the vulnerabilities; validate completed remediations
• Stay current with changing threats and technology evolution across Procore and implement enhancements to the Vulnerability Management program in response

What we’re looking for: 

• Experience with mitigation of cloud infrastructure and application vulnerabilities and patching
• Ability to interpret penetration test reports and execute action plans to mitigate findings
• Knowledge about cybersecurity practices in cloud environments.
• Strong communication and partnering skills & comfort with interaction with stakeholders at all levels of management, business, and software engineering
• Work experience in Software Engineering, Cybersecurity, Computer Science, Information Systems
• Bachelor’s degree in Information Security, Computer Science or related field, or equivalent work experience

 

Additional Information

Base Pay Range $118,400-$162,800 Procore is committed to offering competitive, fair, and commensurate compensation, and has provided an estimated pay range for this role. Actual compensation will be based on a candidate’s job-related skills, experience, education or training, and location.

About Us

Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, retail centers, airports, housing complexes, and more. At Procore, we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. Check us out on Glassdoor to see what others are saying about working at Procore.

We are an equal-opportunity employer and welcome builders of all backgrounds. We thrive in a diverse, dynamic, and inclusive environment. We do not tolerate discrimination against employees on the basis of age, color, disability, gender, gender identity or expression, marital status, national origin, political affiliation, race, religion, sexual orientation, veteran status, or any other classification protected by law.

If you'd like to stay in touch and be the first to hear about new roles at Procore, join our Talent Community.