Attack Surface Management Engineer (Vulnerability Engineer)

Georgia, United States, 30701

Mohawk Industries


 

 

Are you looking for more?
 

At Mohawk Industries, we’re committed to more – more customer solutions, more process improvements, more sustainable manufacturing and more opportunities for our team.


As a Fortune 500, global flooring leader with some of the best-known brands in the industry, Mohawk is a great place to start or develop your career with an emphasis on more of what’s important to you. Whether you want to lead more, innovate more, learn more or create more, you can find your more with Mohawk.

 

 

What we need:

 

The Attack Surface Management Engineer / Vulnerability Management Engineer is a leading performer that works to create and apply innovative technology to the continuous threat exposure management process by leveraging a strong attack surface management background, critical and structured thinking, and excellent communication skills.

 

What you’ll do:

 

  • As a Security Engineer, you will create a state-of-the-art, all-encompassing attack surface reduction and vulnerability management program from the ground up. Your role involves not just hands-on management of various vulnerabilities but also strategically building and automating a comprehensive program that adapts to the evolving cybersecurity landscape.
  • Create vulnerability strategies and policies by identifying gaps in processes, evaluating trends, and anticipating requirements.
  • Manage reporting and timely remediation for vulnerabilities from infrastructure scans, cloud, containers, penetration testing, source code (SAST/SCA) and Bug Bounty.
  • Report and track metrics, KPIs and KRIs with proactive escalations to maintain risk within acceptable appetite.
  • Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques.
  • Collect vulnerability data across technologies such as endpoints, servers, network equipment, and cloud, and interpret and present risk.
  • Maintain a high level of technical knowledge of platforms utilized throughout the environment.
  • Understanding of the application of the following frameworks and how they are applied to identifying and rating risk: OWASP, SANS, NIST, CIS, and MITRE ATT&CK.
  • Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution flaws, and Authentication flaws.

 

What you have:

 

  • Bachelor’s degree in Computer and Information Systems Security or similar.
  • Minimum 3+ years of attack surface/vulnerability management experience.

 

What you’re good at:

 

  • Superior verbal, written, presentation and interpersonal communications skills; ability to effectively exercise tact, discretion, judgment, and diplomacy when interacting and/or negotiating with internal and external customers and senior management and ability to communicate with others in stressful situations using appropriate interpersonal styles and methods to reduce tension or conflict and maintain professionalism in accordance with corporate standards. 
  • Strong technical knowledge, ability to present and explain technical information in a way that establishes rapport, persuades others, and gains understanding.   
  • Ability and willingness to accept responsibility, willingness to challenge established practices and draw relevant conclusions, including the persistence and willingness to take calculated risk, and sell new ideas within the organization. 
  • Excellent leadership skills to effectively coordinate with a diverse global team to achieve results through team efforts, and the desire and ability to motivate and persuade activities of others. 
  • Ability to act as an advisor on professional and technical issues with a view towards reaching strategic decisions; ability to manage conflicting demands for resources through negotiation.  
  • Ability to perform in a high-pressure environment and/or crisis and render good decisions to resolve the problems, maintain safety and ensure adherence to Corporate Code of Conduct. 

 

What else?

 

  • This position will supervise both direct and indirect employees.
  • Normal Office Environment. 
  • Domestic/International travel may be required occasionally, up to 20%/year.


 

 

Mohawk Industries is a leading global flooring manufacturer that creates products to enhance residential and commercial spaces around the world. Mohawk’s vertically integrated manufacturing and distribution processes provide competitive advantages in the production of carpet, rugs, ceramic tile, laminate, wood, stone and vinyl flooring. Our industry-leading innovation has yielded products and technologies that differentiate our brands in the marketplace and satisfy all remodeling and new construction requirements. Our brands are among the most recognized in the industry and include American Olean, Daltile, Durkan, IVC, Karastan, Marazzi, Mohawk, Mohawk Home, Pergo, and Quick-Step. During the past decade, Mohawk has transformed its business from an American carpet manufacturer into the world’s largest flooring company with operations in Australia, Brazil, Canada, Europe, India, Malaysia, Mexico, New Zealand, Russia and the United States.

 

Mohawk Industries, Inc. is an Equal Opportunity Employer including disability/veteran committed to an inclusive workplace and a proud Drugs Don’t Work participant.


Tags: Cloud KPIs MITRE ATT&CK NIST OWASP Pentesting SANS SAST SQL SQL injection Vulnerabilities Vulnerability management XSS

Perks/benefits: Gear Startup environment Team events

Region: North America
Country: United States