Security Engineer, Vulnerability Management (Remote USA)

Security Engineer, Vulnerability Management: (Remote US):

RingCentral is the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device.

As part of the RingCentral CISO team, you’ll help define and drive security discipline and standards required for complex, business-critical problems supported with elegant, user-friendly solutions that perform at massive scale. It’s a once-in-a-career chance to get your hands on the latest-and-greatest technologies, and build the platform that’s reshaping the way the world communicates. 

About this role: 
As a Security Engineer, Vulnerability Management at RingCentral, your primary responsibilities will be to perform vulnerability scans of our systems and networks, and monitor, triage and track remediation of vulnerabilities. In addition you'll be developing automation for these tasks. This role can be based 100% remote, or as a hybrid employee based at our Belmont CA, Denver CO, or Dallas TX offices.  

Primary Duties:
⦁    Maintain Vulnerability Management process
⦁    Perform vulnerability scans using different tools/methods
⦁    Prioritize findings and assign them to system/service owners
⦁    Monitor for, triage and track remediation of vulnerabilities in our systems and networks
⦁    Conduct risk-based evaluation of policy exception requests
⦁    Develop automatization for all steps above
⦁    Develop visualization of current VM state
⦁    Participate in and assist with audits of information security program (FedRAMP, SOX, GDPR, SOC2, HITRUST)
⦁    Act as a member of the information security policy review committee

Additional Roles and Responsibilities:
⦁    Conduct routine log review of information security events, investigating and responding as necessary
⦁    Maintain and enhance monitoring capabilities to ensure the integrity of our systems and networks
⦁    Act as a member of the Incident Response Team, triaging, responding to and reporting incidents and associated metrics
⦁    Administer and maintain security products (phishing training, vulnerability management, web application firewall, SIEM, IDS, (h)IPS, EDR, etc)
⦁    Participate in on-call rotation
⦁    Maintain a comprehensive understanding of our information systems
⦁    Work closely with the multiple operation teams to implement and enforce our policy
⦁    Coordinate and participate in external assessments of our information security (risk assessment, penetration test, incident response tabletop)

Required Skills:
⦁    Experience operating vulnerability scanning tools (Qualys, Nessus, etc)
⦁    Familiarity with vulnerability management concepts, such as CVE and CVSS
⦁    Familiarity with hardening standards and benchmarks (CIS, STIG, etc)
⦁    Strong knowledge of …