Location: Canada, ON, WaterlooApply Now Connect with LinkedIn Connect with Xing
Know someone else who would be a perfect fit? Let them know!Send to a friend
The Security Engineer will fully understand a wide array of security processes and concepts. The Security Engineer leads the development and implementation of a critical program that identifies and manages OpenText’s Threat and Vulnerability Management (TVM) program delivering protection capabilities and solutions to reduce IT security related risks. This role is responsible for working directly across multiple teams, management levels, disciplines, technologist, and business groups. This is a hands-on role that will require detailed knowledge of security concepts, security services, and common security issues.
You are great at:
• Owning and delivering a risk based plan and roadmap for threat & vulnerability management services across global Commercial and Corporate infrastructures
• Partnering with the IT and engineering stakeholders to identify, understand and patch or otherwise mitigate security threats to support business needs
• Delivers expert capabilities and direction for threat & vulnerability management services
• Developing and delivering required threat & vulnerability management reporting capabilities
• Managing third party network and application security assessments
• Performing in-depth analysis of current threat activity and trends
• Identifying and resolving false positive findings in assessment results
• Providing support for audits and gathering of artifacts for ISO27001, PCI, SOC1 & SOC2, etc.
• Lead and deliver reporting and metrics including Key Risk Indicators (KRI’s) as required.
• Documenting process and procedures related to all aspects of a threat & vulnerability management program
What it takes:
• 7+ years’ experience in working in IT Security and 4+ years’ experience in working as a threat & vulnerability management expert
• Expert level familiarity with enterprise vulnerability management tools, such as Qualys, Rapid insightVM, Rapid7 Nexpose or Tenable Nessus
• Scripting experience (Python preferred) to automate repeatable tasks using vendor APIs
• Willingness to explore using open-source or in-house developed tools for vulnerability management services and reporting
• Demonstrated experience building, enhancing and managing vulnerability management programs
• Experience providing mentorship to other Security team members
• Expert in the ability to communicate to advanced technical teams as well as brief executive management on technical risks and issues, including assessment of compensating controls
• Experience creating and refining metrics to articulate and measure program performance
• Experience with system hardening and secure configuration frameworks
• Able to multi-task, prioritize, and resolve multiple inquiries at once
• Possess excellent writing and communication skills to effectively develop policies, and procedures, reports and documentation
• Required security certification such as Certified Information Systems Security Professional (CISSP). Preferred Information Systems Manager (CISM), SANS/ GIAC, CompTIA, or Certified in Risk and Information Systems Control (CRISC), or equivalent
• BS in Computer Science, Cyber Security, Information Assurance, or Information Security preferred
At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of sex, national origin, disability or race. If you require accommodation at any time during the recruitment process please email email@example.com.