Attack Surface Management Engineer

hace 2 semanas

Heredia, Costa Rica BMA Group A tiempo completo

**Job Title**:
Attack Surface Management Engineer

**Job Category**:
Professional

**Department/Group**:
Attack Surface Management

**Position Type**:
Full time

**Location**:
Remote, Costa Rica

**Reports to**:
Director Attack Surface Management
- Attack Surface Management EngineerDescription

The Attack Surface Management Engineer is responsible for activities related to Attack Surface Management, with the goal to ensure comprehensive visibility and actionability of the companies external attack surface, exposures, and vulnerabilities, minimizing the companies risk potential.

Functions
- Follows Attack Surface Mgmt processes to continuously monitor and improve visibility of the attack surface in order to detect anomalies faster and reduce incidences or potential of cyber-attacks.
- Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques.
- Engage with business stakeholders to ensure they fully understand their Attack Surface, and helps them identify prioritization of vulnerabilities.
- Develops vulnerability KPIs/metrics to demonstrate coverage and remediation effectiveness.
- Execute daily operations of the Attack Surface Mgmt program, including the interpretation of scanning results.
- Asist in the identification of internal and external risks based on scanning results.
- Assist in the attribution of findings to appropriate business owner.
- Identify improvements to scan coverage.
- Coordinate with IT and geographically dispersed Business Units on vulnerability remediation and mitigation strategies.
- Assist in the documentation and standardization of process and procedures related to Attack Surface Mgmt
- Aggregating vulnerability data across technologies such as endpoints, servers, network equipment, and cloud and interpreting and presenting risk.

Responsibilities/Requirements
- Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws.
- Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Working knowledge of networking standards and protocols: IPv4 IPv6, TCP/IP, DNS, HTTPS, TLS, BGP, Firewalls and NAT, SMTP, VPN, ICMP, SSH, IPSec, etc.
- In-depth knowledge of architecture, engineering, and operations of one or more vulnerability management tools, such as Wiz, Qualys, Rapid7 and ServiceNow.
- Ability to provide creative solutions to complex problems.
- Ability to clearly communicate risk of vulnerabilities to all levels within an organization.
- Knowledge of major cloud platforms (AWS, Azure, or GCP).
- Knowledge of systems hardening and other risk mitigation factors on multiple technologies and operating systems (Window, Linux, Mac, routers, switches, Kubernetes).
- Ability to manage, organize, analyze, and present substantial amounts of data.
- Experience selecting and deploying product.

Position Requirements

Formal Education & Certification
- Four-year college diploma or university degree in computer science or computer engineering, and/or 3 years equivalent work experience.

Knowledge & Experience
- Certification that could be helpful but not required: CISSP, Security+, CEH, GIAC certifications.
- 2-4+ years of experience in information security vulnerability management role. 6+ years in security and/or technology engineering roles.
- Experience with large scale and complex environments.
- A broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies.
- Applied knowledge and experience in cybersecurity, technology infrastructure, vulnerability management and security and controls.
- Excellent interpersonal skills and strong verbal and written communication.
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood and actionable manner.
- Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously.
- Proactive attitude, seeking for improvement opportunities which can positively impact the security posture and the business.

Personal Attributes
- Excellent oral and interpersonal communication skills.
- Outstanding writing and documentation skills.
- Able to communicate ideas in both technical and user-friendly language.
- Highly self-motivated and directed, with keen attention to detail.
- Able to prioritize and execute tasks in a high-pressure environment.
- Experience working in a team-oriented, collaborative environment.
- Willing to travel globally as required.

  • Attack Surface Management Engineer

    hace 4 semanas

    Heredia, Costa Rica Bma Group A tiempo completo

    **Job Title**:Attack Surface Management Engineer**Job Category**:Professional**Department/Group**:Attack Surface Management**Position Type**:Full time**Location**:Remote, Costa Rica**Reports to**:Director Attack Surface Management- Attack Surface Management EngineerDescriptionThe Attack Surface Management Engineer is responsible for activities related to...

  • Attack Surface Management Engineer

    hace 1 semana

    Heredia, Costa Rica Experian A tiempo completo

    Company Description Experian is the world’s leading global information services company. During life’s big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control...

  • Attack Surface Management Engineer

    hace 4 semanas

    Heredia, Costa Rica Experian A tiempo completo

    Company DescriptionExperian is the world's leading global information services company.During life's big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence.We help individuals to take financial control and...

  • Attack Surface Management Engineer

    hace 4 semanas

    Heredia, Costa Rica Experian A tiempo completo

    Company DescriptionExperian is the world's leading global information services company.During life's big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence.We help individuals to take financial control and...

  • Attack Surface Management Metrics Specialist

    hace 4 semanas

    Heredia, Costa Rica Experian A tiempo completo

    Company Description**About us, but we'll be brief**Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society.We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for.In addition, for the last five years we've...

  • Vulnerability Management Metrics Specialist

    hace 4 semanas

    Heredia, Costa Rica Experian A tiempo completo

    Company Description**About us, but we'll be brief**Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society.We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for.In addition, for the last five years we've...

  • Security Vulnerability Metrics

    hace 2 semanas

    Heredia, Costa Rica BMA Group A tiempo completo

    **Job Title**: **Security Vulnerability Metrics & Data Analyst** **Job Category**: Professional **Department/Group**: **Attack Surface Management** **Position Type**: Full time **Location**: Remote, Costa Rica **Reports to**: Director Attack Surface Management Security Vulnerability Metrics & Data Analyst Description This role will establish and...

  • Logistics Sourcing Analytics Expert

    hace 4 semanas

    Heredia, Costa Rica Hewlett Packard Enterprise A tiempo completo

    Logistics Sourcing Analytics Expert - SurfaceThis role has been designated as 'Edge', which means you will primarily work outside of an HPE office.Global Operations prioritizes putting customers and partners first by developing the workforce of the future.This involves strategic, inclusive, and collaborative working culture.At our core, we strive to uphold...

  • Security Vuln Metrics

    hace 3 semanas

    Heredia, Costa Rica Experian A tiempo completo

    Company Description **About us, but we’ll be brief** Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years...

  • Security Vuln Metrics

    hace 4 semanas

    Heredia, Costa Rica Experian A tiempo completo

    Company Description**About us, but we'll be brief**Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society.We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for.In addition, for the last five years we've...

  • Event Management Engineer

    hace 4 semanas

    Heredia, Costa Rica Hewlett Packard Enterprise A tiempo completo

    Event Management Engineer This role has been designated as ‘Edge’, which means you will primarily work outside of an HPE office.Our new innovative IT services organization is HPE Pointnext. We have the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation. The Event Management Team is the first line...

  • Senior Threat Detection Engineer

    hace 1 semana

    Heredia, Costa Rica Experian A tiempo completo

    Company Description About us, but we’ll be brief Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years...

  • Sr. Data Management Engineer

    hace 3 semanas

    Heredia, Costa Rica Smarsh A tiempo completo

    **Who are we?** Smarsh empowers its customers to manage risk and unleash intelligence in their digital communications. Our growing community of over 6500 organizations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels before those risks become regulatory fines or...

  • Senior Threat Detection Engineer

    hace 4 semanas

    Heredia, Costa Rica Experian A tiempo completo

    Company DescriptionAbout us, but we'll be briefExperian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society.We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for.In addition, for the last five years we've been...

  • Associate Vulnerability Management Engineer

    hace 3 semanas

    Heredia, Costa Rica AlignTech A tiempo completo

    **Join a team that is changing millions of lives.** - Transforming smiles, changing lives_ At Align Technology, we believe a great smile can transform a person’s life, so we create technology that gives people the confidence to take on whatever’s next. We revolutionized the orthodontic industry with the introduction of the Invisalign system, and we have...

  • Sr. Data Management Engineer

    hace 3 semanas

    Heredia, Costa Rica Smarsh A tiempo completo

    **Who are we?**Smarsh empowers its customers to manage risk and unleash intelligence in their digital communications.Our growing community of over 6500 organizations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels before those risks become regulatory fines or...

  • Sr. Data Management Engineer

    hace 4 semanas

    Heredia, Costa Rica Smarsh A tiempo completo

    **Who are we?**Smarsh empowers its customers to manage risk and unleash intelligence in their digital communications.Our growing community of over 6500 organizations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels before those risks become regulatory fines or...

  • Change Management Engineer

    hace 2 semanas

    Heredia, Costa Rica Hewlett Packard Enterprise A tiempo completo

    Change Management Engineer This role has been designated as ‘Edge’, which means you will primarily work outside of an HPE office. Global Operations prioritizes putting customers and partners first by developing the workforce of the future. This involves strategic, inclusive, and collaborative working culture. At our core, we strive to uphold HPE’s...

  • Senior Identity Management Engineer with Okta

    hace 1 semana

    Heredia, Costa Rica FullStack Labs A tiempo completo

    FullStack is the fastest-growing software consultancy in the Americas. We help organizations like Uber, GoDaddy, MGM, Siemens, and Stanford University build distributed software development teams, and deliver transformational digital solutions. As an employee-first company, we focus on hiring the most talented software designers and developers in the western...

  • Event Management Software Engineer

    hace 4 días

    Heredia, Costa Rica ServiceNow A tiempo completo

    **Company Description** At ServiceNow, our technology makes the world work for everyone, and our people make it possible. We move fast because the world can’t wait, and we innovate in ways no one else can for our customers and communities. By joining ServiceNow, you are part of an ambitious team of change makers who have a restless curiosity and a drive...