Platform Security Vulnerability Management Engineer
Posted on 4/3/2024
Fivetran

1,001-5,000 employees

Automates data movement across cloud platforms for efficient ELT processes.
Company Overview
Fivetran stands out as a leading company in the automation of data movement across cloud platforms, providing a reliable service with a 99.9% uptime and self-healing pipelines. The company's culture prioritizes efficiency and high-impact work, as it automates time-consuming elements of the Extract, Load, Transform (ELT) process, freeing data engineers to focus on more critical projects. With a diverse client base including top brands like Autodesk and JetBlue, and a global presence, Fivetran demonstrates industry leadership in facilitating data-driven decisions and business growth.
Data & Analytics

Company Stage

Series D

Total Funding

$889.3M

Founded

2012

Headquarters

Oakland, California

Growth & Insights
Headcount

6 month growth

3%

1 year growth

12%

2 year growth

28%
Locations
Remote in USA
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Management
Development Operations (DevOps)
CategoriesNew
IT & Security
Cybersecurity
IT Project Management
Requirements
  • Experience with a thriving vulnerability management team and program that includes both Application Security and Cloud Security components
  • Strong analytical skills to determine metrics and reports needed to drive action for both the team and the engineering organization
  • Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions
  • Technical background and ability to write scripts and code to integrate tool APIs with internal ticketing, ASPM/VM, and CI/CD pipeline tools
  • Collaborative experience working closely with product teams, SRE/DevOps, and software engineers to drive adoption of security mindset into processes and SDLC habits
Responsibilities
  • Collaborate with engineering teams during our semi-annual vendor-led pentesting engagement, including verification of results and pursuit of remediation
  • Assist in the manage both Cloud Infrastructure and Application Security vulnerabilities from a variety of sources: Internal/External Reports, SAST, SCA, Sonar, DAST, Pentesting, Security Scorecard, CSPM, and Incidents
  • Analyze, validate, demonstrate, and adjust severity of vulnerabilities based on actual risk to the organization
  • Document guidance to provide clarity about our vulnerability reporting and remediation processes
  • Refine the secure coding and secure cloud configuration guidance and standards provided to engineers
  • Assisting with evaluation and management of tools for detecting and managing security vulnerabilities
  • Take a “hands-on” approach to build automated integrations with security tools, as well as solutions to inventory, monitor, and report on vulnerability process maturity to leadership and other stakeholders