Senior Security Engineer, Vulnerability Management

Senior Security Engineer, Vulnerability Management

HashiCorp is a fast-growing enterprise software company that solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. Our open source software is used by millions of users to provision, secure, connect, and run any infrastructure for any application. The Global 2000 uses our enterprise software to accelerate application delivery and drive innovation through software. 

Security at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.

In this role, your responsibilities will include:

• Provide technical guidance to engineering teams regarding the impact of security issues. 
• Build a world class vulnerability management program and standard
• Assist in generating asset inventory and identifying discrepancies to remediate
• Automate vulnerability scanning
• Develop integrations between various tools and the vulnerability management system.
• Build and implement security processes and tools for risk reduction and mature corporate information security capabilities.
• Triage, respond to, and investigate security incidents affecting business applications, SaaS applications, and partner services.
• Identify, deploy, and improve existing and new internal security process with automation enhancements and improvements.
• Provide subject matter expertise on vulnerability management controls
• Build and implement security processes and tools for risk reduction and mature corporate information security capabilities.

We are looking for talented self-starters with 3+ years of security experience. We will consider experienced engineers with less security-specific experience but the desire to learn!

You may be a good fit if you have knowledge and experience around:

• Understanding vulnerabilities in endpoints and how to identify and remediate them. 
• Experience with vulnerability management, SIEM, Identity and access management,  and related processes and procedures
• General understanding of security fundamental and security operations
• Understanding of security management, governance, risk, and compliance
• Strong experience in automation, coding, and scripting languages