IT Vulnerability Management Engineer
Newark, CA
Applications have closed
Lucid Motors
With extraordinary design, performance, range, convenience, and utility, Lucid Gravity is the future of sustainable mobility, reimagining the luxury electric SUV.We are currently seeking an experienced engineer to manage and enhance the vulnerability management program across Lucid. In this role, you'll take a risk-based approach to identifying, prioritizing, and remediating vulnerabilities in systems and applications. Rather than simply clicking through scan results and alerts from commercial tools, you’ll work closely alongside other teams to mature the overall vulnerability management program, thoroughly understand findings, and proactively protect assets.
The Role:
- Design and improve upon vulnerability management processes and workflows.
- Spearhead improvements to company-wide patching and configuration management practices.
- Partner with software teams to assess and remediate vulnerabilities in applications.
- Balance concurrent projects with ongoing operational responsibilities.
- Contribute to other aspects of the security program such as systems hardening, risk management, and compliance.
- Stay informed on recent security trends and vulnerabilities, and proactively apply this knowledge to reduce risk.
- Take a metrics-driven approach to remediation and problem-solving.
Qualifications:
- 4+ years of prior security experience, including hands-on experience in vulnerability management.
- Willingness to challenge the status quo.
- Demonstrated track record of leading or coordinating major security projects.
- Experience with common vulnerability scanners and tools (Tenable/Nessus, Rapid7, Qualys, etc.), including configuration and architecture rather than just operations.
- Solid understanding of major operating systems (Windows, Mac, Linux) as well as configuration management for these systems at scale.
- Reasonable knowledge of TCP/IP concepts.
- Ability to understand, interpret, and apply common security standards and frameworks such as NIST 800-53, CIS, PCI DSS, and ISO-27001-2.
- Bachelor's degree or higher in relevant discipline (cybersecurity, information systems, computer science) or equivalent work experience.
- Experience managing vulnerabilities in cloud environments such as AWS and Azure.
- Proven understanding of real-world attacker techniques and the various ways in which different vulnerabilities can be exploited.
- Experience in at least one major scripting language (Bash, Python, PowerShell, etc.)
- Understanding of security concepts specific to industrial/OT environments.
- Relevant certifications are a plus (CISSP, OSCP, SANS/GIAC).
Education:
Advantageous:
Tags: AWS Azure Bash CISSP Cloud Compliance Computer Science GIAC Industrial Linux Nessus NIST OSCP PCI DSS PowerShell Python Qualys Risk management SANS Scripting TCP/IP Vulnerabilities Vulnerability management Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs