Senior Security Automation Engineer
Our client is seeking a Senior Security Automation Engineer to join their dynamic team in Hillsboro, OR. As a Senior Security Automation Engineer, your role on the Corporate Information Security (CIS) Attack Surface Management team will be focused on the automation and integration of security vulnerability assessment tools to acquire vulnerability data, misconfigurations or code flaws. Sources of data will be from numerous enterprise and open source security assessment utilities. Your efforts will focus upon integration and automation of security toolsets deployment into cloud environments, secure development pipelines, automation and sharing of data between security toolsets, and interactions with a focus on improving overall system & application security.
Senior Security Automation Engineer Responsibilities:
Agile development & maintenance of automation script/tools to scale the attack surface management’s work across the enterprise organization.
Design, deploy and maintain automated configuration as code deployment of vulnerability assessment scanners & agents to cloud environments.
Develop custom platform integrations, data correlation, and processing strategies to reduce false positives, leverage asset metadata for context and align data against remediation policies.
Be the Subject Matter Expert (SME) for deployment & management of integrations of various security vulnerability assessment tools.
Assist technology community to effectively utilize the tools and remediate findings identified.
Assist with maintaining various pipeline integration of security tools into development SDLCs.
Effectively communicate complex technical issues simply to different audiences.
Ability to quickly learn new Information Security concepts and adapt to a fast-paced, ever-changing organization.
Working cross-functionally with multiple teams on establishing new processes and improving existing security across the platform.
Senior Security Automation Engineer Qualifications:
BS or MS degree preferred in computer science, information assurance or equivalent experience.
Software development background and strong knowledge of software development lifecycles.
Previous experience deploying and maintaining configuration as code systems, services, containers and applications in AWS, Azure and/or GCP.
Hands-on & automation experience with security toolsets such as vulnerability scanners (Nessus, Nexpose, Qualys), Dynamic Web application Scanners (WebInspect, AppSpider, Whitehat, Veracode) is preferred.
Experience in Application Security, administering web-based applications and servers.
Ability to develop and communicate recommendations to management.
Strong problem-solving and conceptual thinking abilities.
Benefits are available to eligible VanderHouwen contractors and include coverage for medical, dental, vision, life insurance, short and long term disability, and matching 401k.
VanderHouwen is an award-winning, Women-Owned, WBENC certified professional staffing firm. Founded in 1987, VanderHouwen has been successfully placing experienced professionals throughout the Pacific Northwest and nationwide. Our recruitment teams are highly specialized in either Technology and IT, Engineering, or Accounting and Finance career markets. Our recruiters value building meaningful, professional relationships with each candidate as well as developing honed knowledge of companies' staffing needs and workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in E-Verify. VanderHouwen does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil rights laws.
Not Ready to Apply?