Tech Stack

Description

You will lead Plume's vulnerability management program, conducting assessments and audits across networks, applications, and operating systems. You'll partner with engineering and IT teams to identify threats, reduce risk, and implement security best practices.

Requirements

• Bachelor's degree in Information Security, Computer Science or related field or equivalent work experience
• 5+ years of professional experience in vulnerability management
• Experience with Crowdstrike, Rapid7, other EDR, MDM, XDR or SIEM
• Scripting in Python, Shell, Go, Javascript and ability to read APIs
• Expertise with Mac and Linux operating systems; understand AWS and GCP cloud resource vulnerabilities

Responsibilities

• Establish and own the end-to-end vulnerability program, including detection, tracking, prioritization, and reporting
• Coordinate with SOC/MSSP on vulnerability triage and detection rules/alerts
• Conduct vulnerability assessments for networks, applications, and operating systems
• Use Crowdstrike, DAST, SAST, Rapid7 to pinpoint vulnerabilities and reduce false positives
• Serve as advisor to engineering and dev teams on security best practices and design