IT Vulnerability Management Engineer

Newark, CA

Applications have closed

Lucid Motors

With extraordinary design, performance, range, convenience, and utility, Lucid Gravity is the future of sustainable mobility, reimagining the luxury electric SUV.

View company page

Leading the future in luxury electric and mobilityAt Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility. We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are longer bound by convention, you are free to define your own experience. Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you. Notice regarding COVID-19 Vaccination for positions located in Newark, CaliforniaAt Lucid (the “Company”), we prioritize the health and wellbeing of our employees, families, and friends above all else. In response to the novel Coronavirus, and the increased transmissibility with recent variants, all Lucid Employees whose employment is based in Newark, current and future, must be fully vaccinated and provide proof thereof as a condition of continued or future employment with the Company. Accommodations due to medical or religious exemptions will be considered.
We are currently seeking an experienced engineer to manage and enhance the vulnerability management program across Lucid. In this role, you'll take a risk-based approach to identifying, prioritizing, and remediating vulnerabilities in systems and applications. Rather than simply clicking through scan results and alerts from commercial tools, you’ll work closely alongside other teams to mature the overall vulnerability management program, thoroughly understand findings, and proactively protect assets.

The Role:

  • Design and improve upon vulnerability management processes and workflows.
  • Spearhead improvements to company-wide patching and configuration management practices.
  • Partner with software teams to assess and remediate vulnerabilities in applications.
  • Balance concurrent projects with ongoing operational responsibilities.
  • Contribute to other aspects of the security program such as systems hardening, risk management, and compliance.
  • Stay informed on recent security trends and vulnerabilities, and proactively apply this knowledge to reduce risk.
  • Take a metrics-driven approach to remediation and problem-solving.

Qualifications:

  • 4+ years of prior security experience, including hands-on experience in vulnerability management.
  • Willingness to challenge the status quo.
  • Demonstrated track record of leading or coordinating major security projects.
  • Experience with common vulnerability scanners and tools (Tenable/Nessus, Rapid7, Qualys, etc.), including configuration and architecture rather than just operations.
  • Solid understanding of major operating systems (Windows, Mac, Linux) as well as configuration management for these systems at scale.
  • Reasonable knowledge of TCP/IP concepts.
  • Ability to understand, interpret, and apply common security standards and frameworks such as NIST 800-53, CIS, PCI DSS, and ISO-27001-2.

  • Education:
  • Bachelor's degree or higher in relevant discipline (cybersecurity, information systems, computer science) or equivalent work experience.

  • Advantageous:
  • Experience managing vulnerabilities in cloud environments such as AWS and Azure.
  • Proven understanding of real-world attacker techniques and the various ways in which different vulnerabilities can be exploited.
  • Experience in at least one major scripting language (Bash, Python, PowerShell, etc.)
  • Understanding of security concepts specific to industrial/OT environments.
  • Relevant certifications are a plus (CISSP, OSCP, SANS/GIAC).
At Lucid, we don’t just welcome diversity - we celebrate it! Lucid Motors is proud to be an equal opportunity workplace and is an affirmative action employer.  We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity and expression, marital status, and any other characteristic protected under applicable State or Federal laws and regulations. To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes. 

Tags: AWS Azure Bash CISSP Cloud Compliance Computer Science GIAC Industrial Linux Nessus NIST OSCP PCI DSS PowerShell Python Qualys Risk management SANS Scripting TCP/IP Vulnerabilities Vulnerability management Windows

Region: North America
Country: United States
Job stats:  12  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.