Expert Vulnerability Management Engineer (Open to remote work, except the following locations: CO, SD, VT, and WV)

Remote Verenigde Staten, Beaverton Nike 4 maanden geleden
English

Werde Teil des Teams von NIKE, Inc.

NIKE, Inc. stattet nicht nur die besten Athleten der Welt aus. Wir erkunden neue Möglichkeiten, finden Wege und überwinden die Grenzen des Machbaren. Unser Unternehmen sucht nach Menschen, die wachsen, denken, träumen und gestalten möchten. Unsere Unternehmenskultur schätzt Vielfalt und belohnt Einfallsreichtum. Unsere Marke sucht Menschen, die ihre Ziele erreichen, Führungsfähigkeiten haben und den Blick in die Zukunft richten. Bei NIKE, Inc. bringen alle Mitarbeiterinnen und Mitarbeiter ihre Fähigkeiten ein und nehmen immer neue Herausforderungen mit Leidenschaft an.

NIKE ist ein Technologieunternehmen. Unsere Teams bei NIKE Global Technology revolutionieren die Zukunft in der Synergie von Technik und Sport – von unserer state-of-the-art Website und unseren 5-Sterne-Apps bis hin zu Produktentwicklung, Verwaltung von Big Data und hochmodernem Engineering und Systemsupport. Wir investieren in Technologien und entwickeln sie weiter. Bei uns arbeiten einige der kreativsten Köpfe der Welt. Wir unterstützen sie darin, Kunden zu helfen, sich neu- und weiterzuentwickeln und ihnen dabei direkt und persönlich zu helfen. Unsere Teams sind innovativ, vielseitig und Meister mehrerer Disziplinen. Gemeinsam treiben sie Technologie an und nehmen die Welt dabei gleich mit.

WHO ARE WE LOOKING FOR

We’re looking for an Expert Vulnerability Management Engineer. This role is part of the Corporate Information Security (CIS) Operations Vulnerability Management Team, and participates in the attack surface reduction of global computing assets through the identification and assessment of vulnerabilities. We’re looking for someone that knows what we mean when we say vulnerability management in context; they should have a clear vision what it is, as well as how to get there, and are ready to help take our team on the journey.

This role is perfect for a team player with strong vulnerability management experience, vision, curiosity, and communication skills. The individual must be a problem solver, adept at making good decisions under pressure, comfortable with cross-functional and distributed teams, flexible with changing priorities, and thrive in an entrepreneurial environment. Our ideal candidate knows how to minimize complexity and focus on results, and relies on data to prove your point but also loves to think outside the box and solve problems creatively.

WHAT WILL YOU WORK ON

If this is you, you’ll be working with the Vulnerability Management team and performing these key tasks:

  • Elevate vulnerability management at Nike by enablement of a culture of data-driven, risk based, context aware decision making, by rising above the numbers and explaining insights to business users.
  • Leads the review of security vulnerabilities across a variety of technologies and environments to determine high risk vulnerabilities to business assets.
  • Lead meetings with business partners to ensure remediation efforts adhere to corporate standards and policies.
  • Provides expert level analysis/validation of remediation actions taken, opportunities for improvements and out of the box thinking for optimizations and solving road blocks.
  • Identify attack surface reduction opportunities via vulnerability data analysis, trends and asset metadata review as well as collaboration with threat intelligence and technology management.
  • Interface with other CIS organizations such as Governance, Risk and Threat Intelligence to report on program status and coordinate risk tracking.
  • Provide mentorship and training to team members on strategy as well as technology topics.
  • Actively participate in our cross functional security experts community.
WHO WILL YOU WORK WITH

This role reports to the Director of Attack Surface Management within the Corporate Information Security team.

WHAT YOU BRING
  • Bachelor’s Degree in Information Technology, Information Security/Assurance, Computer Science, Engineering, or related field of study, or any combination of relevant equivalent experience, education and training.
  • 7+ years of IT professional experience.
  • 4 years in an Information Security Role.
  • Experience with Vulnerability Assessment solutions such as Tenable Nessus, Rapid7 Nexpose, Qualys, Accunetix, WhiteHat
  • Deep technical understanding of CVSS, OWASP Top 10 and Vulnerability Exploitability ratings.
  • Ability to create automation tools using a scripting language such as Python, PowerShell.
  • success in fast-moving organizations with complex technology applications.
  • Understanding of a variety of technical concepts such as: Networking, systems administration, application development, cloud computing and information security best practices.
  • Experience with data analytics with the ability to provide qualitative analysis and recommendations.
  • Ability to balance and prioritize work.
  • Strong attention to detail, data accuracy, and data analysis.
  • Self-motivated and operates with a high sense of urgency and a high level of integrity.
  • The ability to learn and apply new concepts quickly.
  • Comfortable with interfacing with other internal or external organizations regarding security policy and standards violations, security controls failure and incident response situations.
  • Ability to assess and communicate risk within a business context.
  • Passion for security and a drive for continuous learning.

Open to remote work, except cannot work in Colorado, South Dakota, Vermont, and West Virginia.These candidates will be required to relocate.

Nike requires all applicants for this position to be vaccinated for COVID-19 as a condition of hire. As an equal opportunity employer, Nike will make accommodations to individuals who cannot be vaccinated in accordance with applicable law.


NIKE, Inc. ist ein Wachstumsunternehmen, das nach Mitarbeiterinnen und Mitarbeitern sucht, die mit uns wachsen möchten. Nike bietet ein großzügiges Leistungspaket, ein ungezwungenes Arbeitsumfeld, eine vielfältige und inklusive Unternehmenskultur und eine Atmosphäre, die berufliche Weiterentwicklung begünstigt. Unabhängig von Standort und Rolle verfolgen alle Beschäftigten von Nike gemeinsam ein Ziel: Jedem Athleten* der Welt Inspiration und Innovation zu bringen.

NIKE, Inc. legt bei der Auswahl seiner Mitarbeiter Wert auf Vielfalt. Wir prüfen qualifizierte Bewerber ohne Berücksichtigung von ethnischer Zugehörigkeit, Herkunft, Religion, Nationalität, Alter, sexueller Orientierung, Geschlecht, Geschlechtsidentität, Veteranenstatus und Behinderung.