Full-Time

Vulnerability Management Engineer

Posted on 4/23/2024

Celonis

1,001-5,000 employees

Process intelligence platform for business operations

Mid, Senior

Waterloo, IA, USA

Required Skills

Agile

Communications

Management

Requirements

Experience in vulnerability management or related field such as penetration testing, SOC, or threat intelligence
Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources
Excel at prioritizing work and other demands for self and team including making risk-based decisions about remediation recommendations
Ability to define, communicate and execute on a vision and strategy
Ability to effectively communicate with technical and non-technical resources
Self-directed, works with minimal guidance, and recognizes when guidance needed
Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing
Experience working in very large enterprise environment with diverse teams
Advanced experience with vulnerability scanning tools and other security testing tools
Understanding of attacker mindset, exploitation, and how vulnerabilities are leveraged

Responsibilities

Enhance the current Vulnerability Management strategy and process for Celonis
Act as a champion for vulnerability management and information security including broadening awareness and use of the team’s services, education of security best practices and integration with other business areas
Drive actionable metrics and reporting for operations and leadership transparency
Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness
Closely support and collaborate with Celonis’ Security Engineering and Trust teams
Serve as subject matter expert related to vulnerability management and secure configuration
Have the ability to understand and develop enterprise policy and technical standards with specific regard to vulnerability management and secure configuration
Be able to identify and assess the potential impact from vulnerabilities specific to Celonis’ environment, and determine and implement mitigating controls
Identify and lead the appropriate measures to manage/remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company
Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions
Providing mentorship, coaching, performance management and support to team members with regard to vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development
Oversight of onboard and offboard resources

We’re Celonis, the global leader in Process Mining technology and one of the world’s fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us.

The Team:

Our Global information security organization is responsible for security and trust. We think security-offensively and defensively. We continuously monitor our global security posture and are always adapting to the ever-changing threat landscape.

The Security Engineering team is tasked with building security into and breaking “all the things” at Celonis. Our builders are software security engineers and platform security engineers, and our breakers include red teamers as well as offensive and application security engineers. We also partner with our product and engineering teams for security by design practices and assist with triaging and remediating technical security issues.

The Role:

The Vulnerability Management Engineer will work within the Security Engineering team to enhance and ensure the continuous vulnerability lifecycle management within Celonis’ diverse environments. This role will work within a team of Vulnerability Management Engineers in the collection, monitoring, reporting, and impact assessment for vulnerability related data from partners, vendors, and internal intelligence sources. This individual will lead by building bridges and forming relationships with the technical teams within Celonis, to support strategies and controls for vulnerabilities within these environments.

The work you’ll do:

Enhance the current Vulnerability Management strategy and process for Celonis
Act as a champion for vulnerability management and information security including broadening awareness and use of the team’s services, education of security best practices and integration with other business areas
Drive actionable metrics and reporting for operations and leadership transparency
Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness
Closely support and collaborate with Celonis’ Security Engineering and Trust teams
Serve as subject matter expert related to vulnerability management and secure configuration
Have the ability to understand and develop enterprise policy and technical standards with specific regard to vulnerability management and secure configuration
Be able to identify and assess the potential impact from vulnerabilities specific to Celonis’ environment, and determine and implement mitigating controls
Identify and lead the appropriate measures to manage/remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company
Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions
Providing mentorship, coaching, performance management and support to team members with regard to vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development
Oversight of onboard and offboard resources

The qualifications you need:

Experience in vulnerability management or related field such as penetration testing, SOC, or threat intelligence
Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations
Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources
Excel at prioritizing work and other demands for self and team including making risk-based decisions about remediation recommendations
Ability to define, communicate and execute on a vision and strategy
Ability to effectively communicate with technical and non-technical resources
Self-directed, works with minimal guidance, and recognizes when guidance needed
Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing
Experience working in very large enterprise environment with diverse teams
Advanced experience with vulnerability scanning tools and other security testing tools
Understanding of attacker mindset, exploitation, and how vulnerabilities are leveraged

What Celonis can offer you:

The unique opportunity to work with industry-leading process mining technology
Investment in your personal growth and skill development (clear career paths, internal mobility opportunities, L&D platform, mentorships, and more)
Great compensation and benefits packages (equity (restricted stock units), life insurance, time off, generous leave for new parents from day one, and more)
Physical and mental well-being support (subsidized gym membership, access to counseling, virtual events on well-being topics, and more)
A global and growing team of Celonauts from diverse backgrounds to learn from and work with
An open-minded culture with innovative, autonomous teams
Business Resource Groups to help you feel connected, valued and seen (Black@Celonis, Women@Celonis, Parents@Celonis, Pride@Celonis, Resilience@Celonis, and more)
A clear set of company values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future

About Us

Since 2011, Celonis has helped thousands of the world’s largest and most valued companies deliver immediate cash impact, radically improve customer experience and reduce carbon emissions. Its Process Intelligence platform uses industry-leading process mining technology and AI to present companies with a living digital twin of their end-to-end processes. For the first time, everyone in an organisation has a common language about how the business works, visibility into where value is hidden and the ability to capture it. Celonis is headquartered in Munich (Germany) and New York (USA) and has more than 20 offices worldwide.

Join us as we make processes work for people, companies and the planet.

Celonis is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Different makes us better.

Accessibility and Candidate Notices

Celonis

View

Website

View Company Profile

Celonis provides a Process Intelligence platform that utilizes data from existing systems to create a digital twin of end-to-end processes, offering visibility into process inefficiencies and improvement opportunities for over 1,350 companies. The platform establishes a common language for understanding business operations and uncovering hidden value.

Company Stage

Series D

Total Funding

$2.4B

Headquarters

New York, New York

Founded

2011

Growth & Insights

Headcount

6 month growth

↑ 3%

1 year growth

↑ 4%

2 year growth

↑ 23%