Back to all jobs

Senior Vulnerability Management Automation EngineerRemote

LocationHillsboro, OR 97124 - United States
Work TypeContract/Temp
Positions1 Position
Salary RangeUS$67 - 72 per hour
  • Risk Analyst
Category: Technology
  • Innovative Technology; High Quality Products, Self-Empowerment
  • Globally Responsible; Sustainable Products, Diversity of Thought
  • Celebration of Sports; If You Have a Body, You are an Athlete

Title: Senior Vulnerability Management Automation Engineer

Location: Remote, US

Duration: 1 year Assignment


As a Senior Vulnerability Management Automation Engineer, your role on the team will be focused on the automation and integration of various security vulnerability assessment tools to drive accountability & visibility of Nike's high-risk findings. Work with multiple data sources, including all vulnerability data and other enterprise data, for contextual enrichment to drive actional output and automated vulnerability management lifecycle. In addition, you will work with technical and business teams to understand customer use cases for remediation of the vulnerabilities and provide solutions to create self-service visibility into security findings for mitigation and automated reporting. You will also improve Nike's security posture by advocating for security best practices and implementation. Ours is a fast-paced, forward-thinking team constantly innovating and passionate about data and risk reduction. 

Job Responsibilities

  • Developing automation & complex orchestration to scale out the vulnerability tools, output of vulnerability data and correlated (enrichment) data across the organization
  • Assist with maintaining pipeline integration of security tools into various development SDLCs
  • Educate Engineers, developers, and product teams on the importance of vulnerability management, effectively utilize the tools and remediate findings identified in an automated fashion
  • Continually evaluate the current state of the program; work with the team constantly find ways to automate and develop future roadmap
  • Communicate complex technical issues simply to different audiences
  • Ability to quickly learn new Information Security concepts and adapt to a fast-paced, ever-changing organization

What We're Looking For (Qualifications):

To make it clear, we're not looking for just anyone. We're looking for someone special, someone who has in-depth experience and clearly demonstrates these skills:

  • BS or MS degree preferred in computer science, information assurance
  • Expertise in interpreted languages (Python is a must) and high-level languages (Java script, .Net, PowerShell) with full-stack development experience
  • Hands on experience with ETL tools (i.e. Apache Nifi, MS-SSIS, jasper) and concepts
  • Software development background and strong knowledge of software development lifecycles
  • Previous experience deploying and maintaining configuration as code systems, services, containers and applications in AWS, Azure and/or GCP
  • Hands on experience with Vulnerability management tools such as Tenable, Rapid7, or Qualys, Twistlock
  • Ability to develop and communicate recommendations to management
  • Ability to translate technical security vulnerabilities into business risk
  • Strong problem-solving and conceptual thinking abilities
  • Strong ability to reverse engineer tools, exploits and open-source applications and ability to develop them
  • Experience looking for application security vulnerabilities such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
  • In-depth familiarity with Windows and Unix Operating Systems