What's the role?
Security, Privacy, and Continuity (SPC) is a centralized organization that secures HERE products and services, ensures best-in-class security and privacy for customers and employees, and protects the organization against physical and virtual threats. SPC is a globally distributed team of security and privacy professionals and is growing to keep pace with HERE's expanding business and customer base.
HERE Technologies is seeking a Security Engineer who will provide help and support in various security activities executed by SPC Vulnerability Management and Security Tooling team. These would include, but won't be limited to – helping to build and support Vulnerability Management Program, work with various teams across HERE to identify and remediate vulnerabilities within product and enterprise environment, implementation of certain automation tasks.
Main Responsibilities
- Support in maintenance of various security tools including Vulnerability Management
- Develop automation to enhance the scalability of various security tools
- Work with stake holders in product, IT and enterprise teams to help to execute remediation plans for identified vulnerabilities, track execution of those to completion
- Participate in impact assessments, and help in execution of predetermined priorities for remediation aid in proper vulnerability monitoring coverage
- Assist in gathering data inputs on parameters to measure progress and success within vulnerability management program
- Support of vulnerability management tools integration into HERE monitoring and alerting systems (SIEM & SOAR)
Who are you?
you as our new Security Engineer would have previous experience with setting up, tuning and operations of modern Vulnerability Management, SAST and DAST tools in cloud environments. You have worked in an agile environment cooperating with internal teams to identify remediation plans for detected vulnerabilities.
Position Requirements
- Holistic understanding of modern attack vectors, threat landscape and vulnerability mitigation strategies
- Experience with vulnerability management tools – NSS, SAST, DAST
- Experience with vulnerability management in cloud environments - AWS, Azure
- Ability to maintain and develop automation in python
- Experience with Splunk
