Senior Cybersecurity Engineer

📋 Description

• Create and present cybersecurity artifacts for software product releases, which include SBOMs, evidence of vulnerability remediation, and security documentation for releases.

• Facilitate technical reviews with development teams to address vulnerabilities, security measures, remediation status, and residual risks.

• Assess and prioritize vulnerability remediation and patching initiatives based on business implications, proof of exploitability, and policy mandates, collaborating with engineering, project managers, and product owners to ensure timely risk mitigation.

• Develop and propose systematic remediation strategies and preventive measures to minimize recurring vulnerabilities, which encompass secure coding practices, dependency management, and configuration hardening across products and their supporting applications.

• Analyze and triage results from application, network-based, and agent-based security scanning tools (SAST, DAST, SCA, infrastructure scanners) to ascertain actual security impact, validate exploitability, and differentiate between true positives and false alarms.

• Confirm security fixes through practical testing, including web application assessments utilizing tools such as Burp Suite and Postman, and verification of remediation for vulnerabilities in iOS and Android mobile applications.

• Effectively convey intricate technical security concepts to executive leadership and cross-functional stakeholders, translating vulnerability results, security controls, and security metrics into business-relevant risk insights and support for decision-making.

• Lead remediation initiatives following security assessment findings that highlight areas needing attention.

• Aid in the progression of the cyber threat and vulnerability management program to guarantee consistent identification, evaluation, response, and monitoring of cybersecurity threats, events, and vulnerabilities.

• Utilize JIRA for managing security projects and vulnerabilities, creating dashboards, reports, and automation workflows to monitor remediation progress, enhance visibility of security metrics, and streamline cooperation among cross-functional teams.

• Engage in cross-functional team collaboration to meet established security objectives and fulfill technical requirements in support of detailed implementation plans for security initiatives.

• Offer technical guidance and training regarding potential security threats and prevention strategies.

⛳️ Requirements

• Bachelor's degree in computer and information sciences or engineering, Security Systems, or related disciplines.

• At least 3 years of experience in IT management systems, cybersecurity, or other relevant fields, with a strong preference for product security (i.e., consumer-facing applications and services).

• Minimum of 5 years of business experience.

• Proven hands-on experience in conducting security testing for web, mobile, and cloud infrastructure utilizing DAST, SAST, SCA, SBOM generation tools, and network- and agent-based vulnerability scanning tools.

• Capability to manage multiple projects with strong organizational skills.

• Proven critical thinking, analytical skills, judgment, and logical reasoning for problem-solving and decision-making in a dynamic environment.

• Capacity to work effectively within a team, adjusting to swiftly changing business and technological requirements.

• Exceptional documentation, communication, and interpersonal skills.

• Preferred: Holds or is working towards one or more relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or equivalent.

🏝️ Benefits

• Opportunities for career development with an international company where you can shape the career of your dreams.

• Employees may qualify for complimentary medical coverage in our Health Investment Plan (HIP) PPO medical plan in the upcoming calendar year.

• A robust retirement savings plan with substantial employer contributions.

• Tuition reimbursement, the Freedom 2 Save student debt program, and FreeU education benefit - an accessible and convenient route to obtaining a bachelor’s degree.