Senior Vulnerability Management Engineer - US Remote - Guidewire Software United States - Remote Bookmark Share Print 194 0 1

Listing Description

We are looking for a Senior Vulnerability Management Engineer who can navigate complex threat scenarios and remain committed to decreasing the overall attack surface of the company. Infrastructure Vulnerability Management remains a top priority at Guidewire, and you will be responsible for implementing and managing enterprise vulnerability tools and processes in a cloud environment, to reduce technical and business risks due to vulnerabilities and misconfigurations. This includes identifying and evaluating vulnerabilities, misconfigurations and supporting remediation activities.

Responsibilities
  • Management, operation, and enhancement of vulnerability management, cloud posture management and container security tools.
  • Provide security guidance to Cloud Engineering teams encompassing perimeter, misconfigurations, asset visibility, policies, container, patching cadence, and vulnerability scanning. Partner with cloud architecture, engineering and application development teams to establish and maintain comprehensive visibility into potential risk events across a large scale cloud environment.
  • Improve and mature vulnerability reporting to key stakeholders, and drive remediation efforts by communicating, clearly articulating, and prioritizing risk and impact to all stakeholders to convey the urgency and need to remediate a vulnerability/misconfiguration.
  • Develop processes and automation by engaging with stakeholders to harden and deploy AMI and docker container images.
  • Stay abreast of emerging threats, and promote understanding of associated risk with stakeholders by reviewing and analyzing vulnerability data to identify trends and patterns.
  • Supporting compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks.
  • Partner with the leadership team to report program roadmap status, define Key Risk Indicators and automated dashboards presenting risks and KPIs.

    • Requirements
  • Knowledge of vulnerability scoring systems and prioritization techniques (CVSS, EPSS, SSVC, etc.)
  • Experience with cloud specific tooling such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP) and Cloud Native Application Protection Platform (CNAPP).
  • Thorough understanding of enterprise security controls, cloud security, network protocols and operating system (Windows/Linux/MAC).
  • Familiar with best practices in securing Kubernetes and have a firm grasp on the challenges and solutions around securing containers and K8 clusters.
  • Hands-on experience handling vulnerability management operations for cloud workloads at scale in AWS/Azure/GCP.
  • Ability to conduct thorough analysis, automate redundant processes using scripting languages (Python or similar languages) and recommend data driven actions. 
  • Results-oriented, high energy, self-motivated and love for a team environment.
    • About Guidewire

    Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 500 insurers in 38 countries, from new ventures to the largest and most complex in the world, run on Guidewire.

    As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of applications that accelerate integration, localization, and innovation.

    For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.

    Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.

    Disability Accommodations and Guidewire’s Appeals Process. Guidewire provides accommodations to the hiring process to create a fair opportunity for candidates with disabilities to contend for open positions. Accommodation requests should be directed to (650) 356-4940 or Accommodations@guidewire.com. If things do not go as hoped, we invite you to use our appeals process. Guidewire promises to independently review any denied accommodation and any decision not to offer you the position. The appeals process is the same in either case. Within five business days of receiving a notice of denial of an accommodation, or receiving a notice of your non-selection for a vacancy, call (650) 356-4940 or e-mail Accommodations@guidewire.com to make an appeal. Guidewire will assign a new decision-maker to review the request and/or hiring decision, who will then notify you in writing of a decision within 10 business days.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!