Senior Vulnerability Management Engineer

Bengaluru

Full Time Senior-level / Expert USD 118K - 175K *

Everbridge

Assess risk, locate impacted people and assets, act rapidly, and analyze outcomes to drive organizational resiliency and keep people safe.

View company page

As a senior vulnerability management engineer you will be a key member of the Everbridge Information Security team tasked with reducing the risk of vulnerability exploitation through appropriate and timely resolution or mitigation of vulnerabilities across Everbridge’s broad product set and Corporate IT.  This role is responsible for partnering with Engineering and Corporate IT to ensure implementation of vulnerability best practices across Everbridge globally; ensuring that appropriate vulnerability scanning is in place; monitoring and reporting Everbridge’s global vulnerability posture; maintaining awareness of vulnerability disclosures; analysis of vulnerabilities and their impact; and, collaborating with Everbridge’s global Engineering and Corporate IT teams to ensure timely and appropriate vulnerability remediation.

What You’ll Do:

  • Maintain awareness of Everbridge’s global vulnerability posture
  • Maintain awareness of critical vulnerability disclosures and alerts
  • Perform technical and risk analysis of vulnerabilities
  • Collaborate with product Engineering and Corporate IT teams regarding appropriate remediation or mitigation of vulnerabilities
  • Escalate remediation of critical vulnerabilities
  • Ensure that all systems and applications are being appropriately scanned for vulnerabilities
  • Contribute to the management of vulnerability scanning and reporting tooling
  • Provide operational and executive vulnerability reporting
  • Collaborate with product Engineering and Corporate IT teams to ensure vulnerability management best practices are followed

What You’ll Bring:

  • 5+ years experience with vulnerability management with cloud-based and on-premises systems and applications
  • Exceptional knowledge of vulnerability management best practices.
  • Strong experience with vulnerability management, testing, and analysis tools.
  • Extensive experience with Qualys, Veracode, and AWS ECR is highly desired.
  • Experience Burp Suite Metasploit, ExpoitDB, Cuckoo, and similar is desired
  • Extensive experience using vulnerability monitoring tools to associate findings with an owner in a complex environment
  • Demonstrated ability to work effectively in a complex and dynamic global environment.
  • Extensive experience with vulnerability remediation and mitigation.
  • Extensive experience with technical and risk analysis of vulnerabilities.
  • Proven ability to identify appropriate mitigating controls for vulnerability exceptions.
  • Demonstrated ability to prioritize vulnerabilities based on risk.
  • Strong understanding of Linux and Windows.
  • Outstanding understanding of cloud platforms (AWS, GCP, and Azure) and cloud-based applications.
  • Understanding of software development tools, methodologies, and pipelines.
  • Exceptional understanding of web-based applications and technologies.
  • Ability to analyze source code for vulnerabilities.
  • Experience integrating vulnerability monitoring, reporting, and management tools.
  • Experience automating administrative processes.
  • Demonstrated experience delivering effective reporting for multiple operational and executive teams globally.
  • Proven ability to develop relationships with IT and Engineering teams to resolve aging vulnerabilities.

Essential Skills:

  • Extensive knowledge of a broad range of technology and information security controls
  • A high level of governance knowledge and a deep understanding of various security technologies and controls.
  • Exceptional knowledge of vulnerability management methodologies and tools
  • Excellent analysis and troubleshooting skills
  • Ability to analyze complex situations, assess risks and balance strategic and tactical security requirements with business pragmatism, risk appetite, and innovation.
  • A self-starter, with the ability to work autonomously
  • Ability to prioritize,re-schedule, and adapt to changes in a dynamic environment.
  • Strong written and verbal communication skills
  • Ability to establish strong working relationships with people across different teams
  • Excellent organizational skills
  • High attention to detail
#LI-BK1
Bridger Culture: 
At Everbridge, we have a mission that matters – to keep people safe and businesses running during critical events. Our “Bridgers” join Everbridge to make a positive impact on the world through their work. The core of our company culture is built around making a difference. Our people are dedicated to solving problems during difficult times and challenging situations as our software was built to save lives. We are a rapidly growing organization transforming the field of critical event management and need passionate, committed and determined individuals to help us carry out our mission. Our environment is dynamic, and our culture is constantly evolving and expanding in order to provide the best employee experience. Click here to learn more about what we do. Passionate about our mission? Want to #BeTheBridge? Apply to be a part of our team today! Everbridge is an Equal Opportunity/Affirmative Action Employer. All qualified Applicants will receive consideration for employment without regard to race, creed, color, religion, or sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.

* Salary range is an estimate based on our salary survey 💰

Tags: AWS Azure Burp Suite Cloud GCP Governance Linux Metasploit Monitoring Qualys Risk analysis Veracode Vulnerabilities Vulnerability management Windows

Perks/benefits: Team events

Region: Asia/Pacific
Country: India
Job stats:  5  0  0
  • Share this job via
  • or

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.