As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
The Security Engineer will fully understand a wide array of security processes and concepts. The Security Engineer leads the development and implementation of a critical program that identifies and manages OpenText’s Threat and Vulnerability Management (TVM) program delivering protection capabilities and solutions to reduce IT security related risks. This role is responsible for working directly across multiple teams, management levels, disciplines, technologist, and business groups. This is a hands-on role that will require detailed knowledge of security concepts, security services, and common security issues.
You are great at:
What it takes:
- Owning and delivering a risk based plan and roadmap for threat & vulnerability management services across global Commercial and Corporate infrastructures
- Partnering with the IT and engineering stakeholders to identify, understand and patch or otherwise mitigate security threats to support business needs
- Delivers expert capabilities and direction for threat & vulnerability management services
- Developing and delivering required threat & vulnerability management reporting capabilities
- Managing third party network and application security assessments
- Performing in-depth analysis of current threat activity and trends
- Identifying and resolving false positive findings in assessment results
- Providing support for audits and gathering of artifacts for ISO27001, PCI, SOC1 & SOC2, etc.
- Lead and deliver reporting and metrics including Key Risk Indicators (KRI’s) as required.
- Documenting process and procedures related to all aspects of a threat & vulnerability management program
- 7+ years’ experience in working in IT Security
- 4+ years’ experience in working as a threat & vulnerability management expert
- Expert level familiarity with enterprise vulnerability management tools, such as Qualys, Rapid insightVM, Rapid7 Nexpose or Tenable Nessus
- Scripting experience (Python preferred) to automate repeatable tasks using vendor APIs
- Willingness to explore using open-source or in-house developed tools for vulnerability management services and reporting
- Demonstrated experience building, enhancing and managing vulnerability management programs
- Experience providing mentorship to other Security team members
- Expert in the ability to communicate to advanced technical teams as well as brief executive management on technical risks and issues, including assessment of compensating controls
- Experience creating and refining metrics to articulate and measure program performance
- Experience with system hardening and secure configuration frameworks
- Able to work independently and efficiently, as well as with others, to meet deadlines