Information Security Engineer

Information Security Engineer, Vulnerability Management and Operation
We are seeking an exceptional Security Engineer to support our vulnerability management program. This is a technical, operation-oriented, and hands-on role in a dynamic and fast-paced environment.
You'll be working with various applications and systems to manage vulnerabilities, follow up with different teams, drive remediation, and improve our current processes.

DESCRIPTION

• You will join a team that passionately stays up to date on emerging security vulnerabilities and threats, keeps a cool head in crisis, and advocates every day for improving the security of products and services.
• You will need to have a good technical background and a high interest in network, system, and web security.
• The role also requires excellent communication skills to effectively collaborate with diverse teams. Specific responsibilities include:
• Work cross-functionally with different teams to identify and assess vulnerabilities, and guide them through the full remediation lifecycle with a focus on timely resolution and outcome-driven communication.
• Utilize programming to analyze big data dumps related to systems and applications to extract key information for vulnerability impact analysis.

KEY QUALIFICATIONS

• BS in Computer Science, Information Technology, Information Security, or related field
• 3 years' experience in information security or related field
• Self-starter with flexibility of working remotely and supporting a global team
• Ability to track and lead numerous activities concurrently
• Passionate about keeping our customers' data safe
• In-depth understanding of vulnerability scanning tools like Tenable, Qualys, etc.
• Familiarity with common security vulnerabilities and the ability to judge their severity and impact to the business
• Ability to analyze vulnerabilities and understand criticality to provide remediation guidance
• Ability to communicate, support, and drive remediation for identified vulnerabilities independently
• Driven to automate and improve continuously
• Ability to run proof of concept for known vulnerabilities
• Demonstrable understanding of IPv4 and IPv6 networks
• Familiar with one or more of the following programming languages: Python, Go, Rust, and/or Bash scripting
• Excellent critical thinking skills
• Ability to solve logic/algorithmic problems
• Experience with SQL and Linux
• Experience with penetration testing
• Knowledge of the security research community