Sr. Vulnerability Management Engineer jobs in United States

SpaceX · 3 days ago

Sr. Vulnerability Management Engineer

SpaceX is actively developing technologies to enable human life on Mars. The Senior Vulnerability Management Engineer will be responsible for maturing and operating the vulnerability management program, ensuring effective identification, management, and remediation of security vulnerabilities across the SpaceX environment.

Advanced Materials · Aerospace · Manufacturing · National Security · Space Travel
Growth Opportunities
No H1B · U.S. Citizen Only

Responsibilities

Lead and champion efforts to define, implement, and enforce processes, policies, and procedures for vulnerability remediation, external attack surface management, and compliance policy scanning. Track open vulnerabilities and issues from identification to resolution, following up with remediation owners, enforcing Plans of Action & Milestones (POA&Ms), and escalating risks as necessary
Serve as a vulnerability management SME across multiple areas, including Microsoft platforms (servers, workstations, applications), open systems (Linux, UNIX, VMware ESXi), virtualization (e.g., VMware vSphere), networking, databases (SQL Server, MySQL, PostgreSQL), cloud environments (AWS, Azure, Google), public/private-facing services, and the SpaceX network stack. Stay up to date on the latest vulnerabilities, exploitation techniques, and exploits
Identify and recommend measures to manage and remediate vulnerabilities or security exposures, reducing potential impacts on information resources to levels acceptable to senior management. Partner with security and IT professionals to assess vulnerability impacts specific to the SpaceX environment (including financial systems) and implement mitigating controls
Act as a leader in vulnerability management and information security by broadening awareness and use of the team's services, educating on security best practices, and integrating with other business areas. Identify solutions for security problems while participating in the broader Information Security team
Conduct manual testing and/or work closely with red-teams to confirm vulnerabilities and exploits using offensive-security tools to identify false positives, validate security defenses, and pinpoint risk areas
Assist with the implementation, management, and maintenance of vulnerability management and external attack surface platforms/tools, including troubleshooting technical/functional issues and ensuring operational success
Configure integrations between vulnerability management/external attack surface tools and issue tracking systems to effectively communicate and track vulnerabilities. Develop scripts and automated mechanisms to streamline manual processes for gathering and consolidating information
Configure and maintain custom compliance policy scanning rulesets based on CIS benchmarks, and develop automated processes for reporting results to stakeholders
Develop and improve KPIs, metrics, and trending for vulnerability management functions. Brief leadership and stakeholders on important and critical vulnerabilities across the environment

Qualification

Vulnerability management · Information security · Linux · Cloud environments · Python · Tenable · CIS benchmarks · Penetration testing · Soft skills

Required

Bachelor's degree in information systems, information security, computer science, engineering or similar technical field of study and 4+ years of professional experience in information security, networking and/or systems administration; OR 5+ years of professional experience in information security in lieu of a degree
4+ years of experience designing, building, implementing, and/or maintaining vulnerability and configuration management technologies in an enterprise level environment
Experience with Linux, Windows, and Mac system internals and configuration management tools

Preferred

Experience with Tenable on-premise and cloud products such as Tenable or other Vulnerability Assessment Tools
Experience with auditing security controls against standards such as CIS, MSCT, & DISA STIGs
Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems
Experience analyzing and validating vulnerabilities to effectively prioritize those most critical to a given environment
Experience in PCI DSS security assessments
Experience with a programming or scripting language, such as Python or PowerShell
Experience in controlled penetration testing to validate vulnerability findings
Familiarity with JFrog Artifactory / Xray
Ability to interface with vendors to diagnose and troubleshoot problems, as well as consult on architectural design and configuration changes

Benefits

Long-term incentives, in the form of company stock, stock options, or long-term cash awards
Potential discretionary bonuses
Ability to purchase additional stock at a discount through an Employee Stock Purchase Plan
Comprehensive medical, vision, and dental coverage
401(k) retirement plan
Short and long-term disability insurance
Life insurance
Paid parental leave
Various other discounts and perks
3 weeks of paid vacation
10 or more paid holidays per year
Paid sick leave pursuant to Company policy

Company

SpaceX is an aviation and aerospace company that designs, manufactures, and launches rockets and spacecraft.

Funding

Current Stage: Late Stage
Total Funding: $11.78B
Key Investors: Korea Investment Partners, Intesa Sanpaolo, Andreessen Horowitz
2025-12-12 · Secondary Market
2025-09-10 · Secondary Market
2025-08-13 · Secondary Market · $10M

Leadership Team

Bret Johnsen
CFO
Charles Kuehmann
VP Materials Engineering
Company data provided by crunchbase