Senior Vulnerability Engineer
US-Remote
The Basics:
The Senior Vulnerability Engineer is responsible for the identification, tracking, reporting, and remediation of vulnerabilities and configuration deviations. While the role has responsibilities across all Tanium managed environments and devices, candidates will focus primarily on cloud environments including those meeting FedRAMP requirements. Candidates will collaborate with architects, engineers, threat analysts, and compliance teams to drive continuous improvements of Tanium’s Vulnerability Management Program. This may include enhancements to existing or the development and integration of new tools and processes. Candidates are expected to question the status quo to identify opportunities for continuous improvement and are enabled to take action to ensure the effectiveness of a distributed security program operating within DevOps centric workflows.
What you'll do:
- Drive a comprehensive vulnerability management strategy applied consistently across the organization
- Collaborate with engineers to drive automated workflows
- Translate business and compliance requirements into scalable operational processes and procedures
- Interpret technical findings into actionable steps while applying a risk centric methodology for prioritization
- Collaborate with Governance, Risk, and Compliance teams to support internal and external audits
- Leverage threat intelligence information to investigate and identify potential security related flaws
- Develop comprehensive reports and metrics for key business stakeholders and leaders
- Collaborate with business stakeholders on the prioritization and remediation of identified issues
- Assess, leverage, and incorporate relevant vulnerability and intelligence feeds into processes
- Leverage automation and tools to reduce human interaction and drive process consistency and repeatability
We’re looking for someone with:
- Education
- Bachelor's Degree in Computer Science, IT or other relevant degree or equivalent work experience
- Experience
- 4+ years working in vulnerability management or equivalent role
- 5+ years of Program Management experience or stakeholder interaction experience
- In accordance with Department of Defense requirements, applicants for this role must be a U.S. citizen, national, or resident pursuant to 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3)
- Experience with server, workstation, and containerization platforms
- Working knowledge of on premise and AWS hosted architecture (GCP, Azure, OCI are nice to have)
- Deep understanding of common vulnerability and configuration scanning utilities (e.g., Tanium, Qualys, Nessus, Prisma, etc.)
- Working knowledge of Splunk and SQL for searching, reporting, and dash-boarding
- Familiarity with Compliance Frameworks (FedRamp, NIST 800:52 or NIST 800:171)
- Familiarity with Python
- Ability to synthesize large amounts of data into easily digestible and actionable tasks
- Detail oriented with ability to balance multiple project streams
About Tanium:
At Tanium, we offer a proven platform for endpoint visibility and control that transforms how the world's largest and most sophisticated organizations manage and secure their computing devices with unparalleled speed and agility. There’s a reason why more than half of the Fortune 100, top retailers and financial institutions, and four branches of the US Armed Forces rely on Tanium.
Our unstoppable spirit, drive to do the right thing and win as a team attitude has earned us the rank of 7th on the Forbes list of “Top 100 Private Companies in Cloud Computing” for 2019 and 10th on FORTUNE’s list of the “100 Best Medium Workplaces.”
On a mission. Together.
At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.
We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things.
At Tanium, we take care of our employees and their communities with things like 5 days of Volunteer Time Off.
Tags: Audits Automation AWS Azure C Cloud Compliance Computer Science DevOps FedRAMP GCP Governance Nessus NIST Python Qualys Splunk SQL Strategy Threat intelligence Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs