WHO ARE WE LOOKING FOR
We’re looking for a Senior Engineer Vulnerability Management to be focused on the automation and integration of various security vulnerability assessment tools to drive accountability & visibility of Nike's high-risk findings. This role will work with multiple data sources, including all vulnerability data and other enterprise data, for contextual enrichment to drive actional output and automated vulnerability management lifecycle. In addition, this individual will work with technical and business teams to understand customer use cases for remediation of the vulnerabilities and provide solutions to create self-service visibility into security findings for mitigation and automated reporting. You will also improve Nike's security posture by advocating for security best practices and implementation. Ours is a fast-paced, forward-thinking team constantly innovating and passionate about data and risk reduction.
WHAT WILL YOU WORK ON
Developing automation & complex orchestration to scale out the vulnerability tools, output of vulnerability data and correlated (enrichment) data across the organization
Assist with maintaining pipeline integration of security tools into various development SDLCs
Educate Engineers, developers, and product teams on the importance of vulnerability management, effectively utilize the tools and remediate findings identified in an automated fashion
Continually evaluate the current state of the program; work with the team constantly find ways to automate and develop future roadmap
Communicate complex technical issues simply to different audiences
Ability to quickly learn new Information Security concepts and adapt to a fast-paced, ever-changing organization
WHO WILL YOU WORK WITH
This role is part of the Attack Surface Management team within Corporate Information Security (CIS) and reports to the local Director for Cyber Defense. You will work with teams within CIS, including the Nike Cyber Defense Center & Incident Response (NCDC/IR) and CIS Cyber Defense Management team.
WHAT YOU BRING
BS or MS degree preferred in computer science, information assurance
Expertise in interpreted languages (Python is a must) and high-level languages (Java script, .Net, PowerShell) with full-stack development experience
Hands on experience with ETL tools (i.e. Apache Nifi, MS-SSIS, jasper) and concepts
Software development background and strong knowledge of software development lifecycles
Previous experience deploying and maintaining configuration as code systems, services, containers and applications in AWS, Azure and/or GCP
Hands on experience with Vulnerability management tools such as Tenable, Rapid7, or Qualys, Twistlock
Ability to develop and communicate recommendations to management
Ability to translate technical security vulnerabilities into business risk
Strong problem-solving and conceptual thinking abilities
Strong ability to reverse engineer tools, exploits and open-source applications and ability to develop them
Experience looking for application security vulnerabilities such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
In-depth familiarity with Windows and Unix Operating Systems
Other Jobs from Nike
Lead Technical Developer, Global Apparel GSA
Similar Jobs
Sr. Systems Engineer - DevEx
Staff Systems Engineer - DevEx
Sr .NET Engineer - (C#/Azure/Microservices) - (REMOTE)
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 401 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say