Lead Security Vulnerability Engineer

Overview:

We are seeking a Lead Security Vulnerability Eengineer

to join our growing team!

About Us

Through professional opportunity, we strive to give each person a clear path to success and personal growth. We embrace diversity and believe that our differences in experience and perspective are the key to our sustained success.

Responsibilities & Qualifications:

Position Summary

This position leverages Momentive’s vulnerability management tools to identify, assess, prioritize, and remediate security vulnerabilities across the enterprise. The role is responsible for administering and enforcing the Vulnerability Management Program while enhancing its effectiveness through regular evaluation and improvement.

• Lead the Vulnerability Management Program including process development, tooling, integrations, reporting and ensuring regulatory compliance with relative standards.
• Lead regular vulnerability scans to identify security risks across systems and applications.
• Lead the execution of Secure-SDLC tooling to include DAST, SAST, network vulnerability & penetration testing.
• Analyze and prioritize vulnerabilities based on severity, impact, and business risk.
• Work closely with IT, development, and infrastructure teams for remediation actions.
• Monitor threat intelligence feeds and emerging vulnerabilities.
• Collaborate with compliance teams to ensure adherence to relevant regulations
• Prepare and deliver comprehensive technical reports and concise executive summaries.
• Evaluate and optimize vulnerability management tools and workflows for improved effectiveness.
• Ensure alignment of vulnerability management activities with global standards and best practices.
• Provide technical expertise and guidance to internal teams on mitigating vulnerabilities efficiently.
• Support incident response activities.

• Experience:
• Minimum 5 years of related cybersecurity & vulnerability management experience
• Minimum 3 years of leading security engineers
• Typically requires a bachelor’s degree or equivalent experience.
• Security+, CISSP, or other relevant certifications.
• Computer/Technical:
• Advanced knowledge of network, system, and web application attacks and mitigations.
• Advanced knowledge of vulnerability management programs & tooling.
• Advanced knowledge of Vulnerability identification, prioritization, and remediation.
• Knowledge of information systems, security systems, and cybersecurity best practices.
• Knowledge of Security Information and Event Management Software.
• Other Skills:
• Developing documentation, processes, and standards
• Strong verbal and written communication skills
• Working with cross functional teams to develop roadmaps.
• Proven analytical and problem-solving abilities
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Ability to present ideas in business-friendly and user-friendly language
• Highly self-motivated and directed
• Strong attention to detail
• Team-oriented and skilled in working within a collaborative environment

For more on protecting yourself from fraud, visit this article from the Federal Trade Commission (FTC). If you believe you were a victim, contact local authorities or file a complaint with the FTC here.

Total Rewards:

Why work here?

Good People, Doing Good Things: Employees at Momentive Software are techies and volunteers who strive to make the Company a great place to work. We dream big and are motivated to help our customers use the technology we create to improve the world around us.

• Planned Paid Time Off
• Purpose-Driven Culture
• Work-Life Balance
• Passionate About Community Involvement
• Company Paid Parental Leave

All persons hired will be required to:

• Verify their identity,
• Verify they are eligible to work (without sponsorship) in the country they are to be employed in, and
• Complete any required employment eligibility verification form upon hire.

#LI-PK1