This job posting isn't available in all website languages

Senior Vulnerability Management Engineer

00503324 Requisition #

We are looking for a Senior Vulnerability Management Engineer. This role participates in the attack surface reduction of global computing assets through the identification and assessment of vulnerabilities. The Senior Engineer is responsible for analysis of the data generated by the vulnerability management solutions, coordination with external partners regarding their patching program effectiveness, creation of solutions that enhance our teams technical capabilities and completion of day to day tasks associated with the vulnerability management program and platforms. This role is perfect for a team player with strong vulnerability management experience, curiosity, and communication skills. You must be a proven problem solver, adept at making good decisions under pressure, comfortable with cross-functional and distributed teams, and flexible with changing priorities.

- Review security vulnerabilities across a variety of technologies and environments to determine high risk vulnerabilities to business assets

- Provide technical vulnerability analysis and remediation options

- Lead meetings with business partners to ensure remediation efforts adhere to corporate standards and policies

- Provides analysis/validation of remediation actions taken, opportunities for improvements and out of the box thinking for optimizations and solving road blocks

- Schedule and perform reoccurring scanning activities of both corporate and cloud environments utilizing enterprise platform

- Configure vulnerability platform reporting, asset tagging and exception tracking to enable accurate business line reporting for metrics program

- Validate and confirm accuracy and scope of scanning infrastructure with other Technology teams through both manual and automated processes

- Identify attack surface reduction opportunities via vulnerability data analysis, trends and asset meta data review

- Perform vulnerability risk analysis on submissions from responsible disclosure program

- Work with other CIS organizations such as Governance, Risk and Threat Intelligence to report on program status and coordinate risk tracking

- Maintain and compose operational process documentation regarding program execution

- Provide mentorship and training to junior members to the team on vulnerability analysis & risk ratings

- Create scripted solutions for automation of data creation, gathering, manipulation, analysis and reporting.

The Senior Vulnerability Management Engineer is part of the Corporate Information Security Operations Vulnerability Management Team

To make it clear, we're not looking for just anyone. We're looking for someone special, someone who has in-depth experience and clearly demonstrates these skills:

- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related field

- 5+ years of IT professional experience, with 2 years in an Information Security Role

- Experience with Vulnerability Assessment solutions such as Tenable Nessus, Rapid7 Nexpose, Qualys, Accunetix, WhiteHat

- Strong technical understanding of CVSS, OWASP Top 10 and Vulnerability Exploitability ratings

- Ability to create automation tools using a scripting language such as Python, PowerShell

- Previous experience working in large scale environments with diverse technologies

- Understanding of a variety of technical concepts such as: Networking, systems administration, application development, cloud computing and information security best practices

- Experience with data analytics with the ability to provide qualitative analysis and recommendations

- Strong verbal and written communication skills

- Strong organizational and/or Agile project management skills

- Ability to develop strong working relationships with a variety of other enabling teams

- Strong attention to detail, data accuracy, and data analysis

- Self-motivated and operates with a high sense of urgency and a high level of integrity

Previous Job Searches

Activity Feed

Job shares through NIKE, Inc.
Someone applied to the Talent Acquisition Operations Director position. Less than a minute ago
Someone applied to the Nike Orlando International Retail Sales Associate Seasonal ("Athlete") position as a result of Dwight Bell's referral. 4 minutes ago
Someone applied to the Nike Jeffersonville Retail Sales Associate Seasonal ("Athlete") position as a result of Brandon Savage's referral. 7 minutes ago
Someone applied to the Nike Temporary Part Time Athlete (Sales Associate) position. 13 minutes ago
Someone applied to the Nike Altoona Retail Sales Associate Part-Time ("Athlete") position as a result of Lucas Gangsei's referral. 13 minutes ago

Similar Listings

Beaverton, Oregon, United States

📁 Technology

Requisition #: 00497155

Beaverton, Oregon, United States

📁 Technology

Requisition #: IR311

Beaverton, Oregon, United States

📁 Technology

Requisition #: 00497712