Senior SecOps Vulnerability Management Engineer

Overview

Software Mind is seeking qualified candidates located in Latam to fill the role of Sr. SecOps Vulnerability Management (CTEM) Engineer. 

In addition to a competitive salary rate and a positive work environment, committed to delivering high-quality technology solutions, we also offer:

• Flexible schedules
• An authentic work-life balance
• Payment in US Dollars

About the role:

Our client develops digital experiences and platforms that provide consumers with information about financial services and financial products, to help them make the best financial decisions for their unique needs. 

We are looking for a Senior SecOps Vulnerability Management (CTEM) Engineer to support and improve the client’s Continuous Threat Exposure Management (CTEM) program, and cloud and network security practices. The client’s CTEM program is functioning and is in the process of company-wide delivery, with many problems that have already been solved, but many more that are waiting to be discovered.  

The role provides plenty of autonomy, and the client is looking for a highly driven individual with a strong sense of ownership and is willing to take action by identifying, assessing, and tackling problems that are sometimes ambiguous. They are looking for someone with great communication and collaboration skills who is comfortable interfacing directly with a wide range of stakeholders, including both technical and non-technical leaders.  

#LI-DNI  

Role Responsibilities:

• Operate, improve, and coordinate the CTEM program with the guidance of Security Leadership. 
• Work directly in the Seemplicity platform for CTEM aggregation, prioritization, remediation, etc. 
• Follow up with the appropriate teams and individuals to communicate and resolve vulnerabilities that are found
• Serve as an authority in the area of security vulnerabilities and vulnerability management. 
• Be able to speak the language of business risk and explain to stakeholders how security risks and vulnerabilities have a business impact, with the support of Security leadership. 
• Collaborate with technical teams, including Infrastructure, DevOps, Data, and Engineering to communicate findings, meet stakeholder needs, and promote accountability processes. 
• Respond to potential security incidents and perform other security team tasks as needed. 

Required Skills & Qualities:

• Excellent communication, collaboration, and negotiation skills, with demonstrated experience in communicating effectively to technical and non-technical audiences and stakeholders. 
• A strong track record of cross-team collaboration and process ownership, with extensive experience reaching out to and following up with other teams and stakeholders to communicate and resolve security findings. 
• Deep experience working in Vulnerability Management (CTEM), including tuning sources, prioritization rules, and reporting /ticketing streams that meet various stakeholder needs. 
• Have a deep understanding of what a vulnerability means across various domains, including:
  • Endpoint Security (laptop/desktop) experience and working with tools such as SentinelOne, CrowdStrike, Falcon, or similar. 
  • Cloud architecture and security experience, and working with AWS environments, container images, dependencies, etc., and using CNAPP tools like Lacework or Wiz. 
  • Code and OpenSource security experience, using tools like SemGrep, Synk, or similar. 
• Previous handos-on experience working with CTEM aggregation and re-prirotization tools and platforms like Seemplicicty (preferred), Defect Dojo, or Silk Security. 
• Experience in data retrieval, data manipulation, and data reporting, including the following skills:
  • Experience working with APIs. 
  • Experience with scripting for automation (Python preferred). 
  • Experience in data management, manipulation, and presentation (using data in Google Sheets, Excel, and databases).    

Control Work Areas:

• 70% Vulnerability Management Operation and Delivery
• 25% Tuning and improvement
• 5% Other