[Hiring] Senior Vulnerability Management Engineer @Sandisk

Role Description

We are seeking a highly skilled and experienced Senior Vulnerability Management Engineer to spearhead our vulnerability assessment, remediation, and attack surface reduction efforts.

• Lead Vulnerability Management:
  • Take ownership of the vulnerability management lifecycle, including identification, assessment, prioritization, remediation, and reporting of security vulnerabilities.
  • Oversee regular vulnerability scans, penetration tests, and security assessments to identify weaknesses in systems, networks, and applications.
• Attack Surface Reduction:
  • Analyze and map the organization’s attack surface, identifying potential entry points and areas of exposure.
  • Develop and implement strategies to reduce the attack surface across all digital assets, ensuring proactive defense against emerging threats.
  • Continuously monitor changes to the IT environment to ensure the attack surface remains minimized.
• Collaboration & Mentorship:
  • Work closely with cross-functional teams, including IT, DevOps, and security operations, to integrate vulnerability management practices into development and operational processes.
  • Provide mentorship and training to junior security team members.
• Stakeholder Communication:
  • Effectively communicate vulnerability management activities, findings, and risk mitigation strategies to technical and non-technical stakeholders, including senior leadership.
• Critical Decision-Making:
  • Make informed, critical decisions in high-pressure situations, ensuring the protection of the organization’s infrastructure and data.
• Governance & Continuous Improvement:
  • Stay current with the latest vulnerability management tools, technologies, and methodologies, and continuously improve the organization’s vulnerability management program.
  • Ensure that vulnerability and attack surface management processes comply with industry standards, regulations, and organizational policies.
• Automation and Tooling:
  • Evaluate and implement tools and technologies to automate vulnerability scanning, risk assessment, and remediation tracking.
  • Develop and maintain scripts, tools, and processes to streamline and enhance the effectiveness of the vulnerability management program.

Qualifications

• Deep understanding of vulnerability management tools (e.g., Nessus, Qualys, Tenable), systems architecture, and security technologies.
• Extensive experience in vulnerability assessment and management within large-scale, complex IT environments.
• Working with large ecosystems with a number of security-related tools such as Asset Management, Vulnerability Scanners (Nessus, Qualys), Endpoint Protection (CrowdStrike, Defender), SEIM, etc.
• Proficiency in scripting languages (e.g., Golang, Python, Bash, PowerShell) and experience with automation tools.

Requirements

• Relevant certifications such as CISSP, CISM, or CEH are preferred.
• Exceptional communication skills, with the ability to translate technical issues into business risks for stakeholders.
• Ability to make critical decisions under pressure and in complex situations.
• High level of integrity, professionalism, and attention to detail.
• Prior experience in a global, large-scale manufacturing environment is a plus.

Benefits

• Comprehensive package of benefits including paid vacation time; paid sick leave; medical/dental/vision insurance; life, accident and disability insurance; tax-advantaged flexible spending and health savings accounts; employee assistance program; other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity; tuition reimbursement; transit; the Applause Program, employee stock purchase plan, and Sandisk's Savings 401(k) Plan.