Nike Jobs

Mobile nike Logo

Job Information

Nike Expert Vulnerability Management Engineer (Open to remote work, except the following locations: CO, SD, VT, and WV) in Beaverton, Oregon

WHAT YOU BRING

  • Bachelor’s Degree in Information Technology, Information Security/Assurance, Computer Science, Engineering, or related field of study, or any combination of relevant equivalent experience, education and training.

  • 7+ years of IT professional experience.

  • 4 years in an Information Security Role.

  • Experience with Vulnerability Assessment solutions such as Tenable Nessus, Rapid7 Nexpose, Qualys, Accunetix, WhiteHat

  • Deep technical understanding of CVSS, OWASP Top 10 and Vulnerability Exploitability ratings.

  • Ability to create automation tools using a scripting language such as Python, PowerShell.

  • success in fast-moving organizations with complex technology applications.

  • Understanding of a variety of technical concepts such as: Networking, systems administration, application development, cloud computing and information security best practices.

  • Experience with data analytics with the ability to provide qualitative analysis and recommendations.

  • Ability to balance and prioritize work.

  • Strong attention to detail, data accuracy, and data analysis.

  • Self-motivated and operates with a high sense of urgency and a high level of integrity.

  • The ability to learn and apply new concepts quickly.

  • Comfortable with interfacing with other internal or external organizations regarding security policy and standards violations, security controls failure and incident response situations.

  • Ability to assess and communicate risk within a business context.

  • Passion for security and a drive for continuous learning.

Open to remote work, except cannot work in Colorado, South Dakota, Vermont, and West Virginia.These candidates will be required to relocate.

WHO ARE WE LOOKING FOR

We’re looking for an Expert Vulnerability Management Engineer. This role is part of the Corporate Information Security (CIS) Operations Vulnerability Management Team, and participates in the attack surface reduction of global computing assets through the identification and assessment of vulnerabilities. We’re looking for someone that knows what we mean when we say vulnerability management in context; they should have a clear vision what it is, as well as how to get there, and are ready to help take our team on the journey.

This role is perfect for a team player with strong vulnerability management experience, vision, curiosity, and communication skills. The individual must be a problem solver, adept at making good decisions under pressure, comfortable with cross-functional and distributed teams, flexible with changing priorities, and thrive in an entrepreneurial environment. Our ideal candidate knows how to minimize complexity and focus on results, and relies on data to prove your point but also loves to think outside the box and solve problems creatively.

WHAT WILL YOU WORK ON

If this is you, you’ll be working with the Vulnerability Management team and performing these key tasks:

  • Elevate vulnerability management at Nike by enablement of a culture of data-driven, risk based, context aware decision making, by rising above the numbers and explaining insights to business users.

  • Leads the review of security vulnerabilities across a variety of technologies and environments to determine high risk vulnerabilities to business assets.

  • Lead meetings with business partners to ensure remediation efforts adhere to corporate standards and policies.

  • Provides expert level analysis/validation of remediation actions taken, opportunities for improvements and out of the box thinking for optimizations and solving road blocks.

  • Identify attack surface reduction opportunities via vulnerability data analysis, trends and asset metadata review as well as collaboration with threat intelligence and technology management.

  • Interface with other CIS organizations such as Governance, Risk and Threat Intelligence to report on program status and coordinate risk tracking.

  • Provide mentorship and training to team members on strategy as well as technology topics.

  • Actively participate in our cross functional security experts community.

WHO WILL YOU WORK WITH

This role reports to the Director of Attack Surface Management within the Corporate Information Security team.

NIKE, Inc. is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, protected veteran status, or disability. NIKE is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please call +1 503-671-4156 and let us know the nature of your request, your location and your contact information.

DirectEmployers