Senior Security Engineer
New York, New York
Employer: Intuit
Industry: Security, Risk & Fraud
Salary: Competitive
Job type: Full-Time
We are seeking an experienced and highly skilled Senior Security Engineer with over 5 years of experience in penetration testing and vulnerability management. This role requires deep expertise in identifying, assessing, and mitigating security vulnerabilities across various platforms and systems. The successful candidate will lead security assessments and collaborate closely with cross-functional teams to ensure our organization's security posture is robust. In addition, strong programming skills are essential to automate and streamline testing processes. Knowledge of OWASP, SANS25, CVE, and MITRE frameworks is crucial for this role.
This is an excellent opportunity for a seasoned security professional to make a significant impact on our organization's security posture by leading and enhancing our penetration testing and vulnerability management efforts. If you are passionate about cybersecurity and possess the required skills and experience, we encourage you to apply.
Responsibilities
This is an excellent opportunity for a seasoned security professional to make a significant impact on our organization's security posture by leading and enhancing our penetration testing and vulnerability management efforts. If you are passionate about cybersecurity and possess the required skills and experience, we encourage you to apply.
Responsibilities
- Conduct hands-on penetration testing of Generative AI applications and integrations, web applications, mobile applications, cloud environments, and Thick Client application ecosystems to identify vulnerabilities.
- Lead and manage the penetration testing and vulnerability management program, ensuring thorough planning, execution, and reporting.
- Validate identified vulnerabilities by removing false positives and develop remediation plans in conjunction with relevant teams.
- Utilize knowledge of OWASP Web, LLM and Mobile Top 10, SANS Top 25, CVE, and MITRE ATT&CK frameworks to guide security assessments and threat modeling.
- Work with the product development team and follow up on the security defects.
- Automate penetration testing processes, including onboarding, scanning, and reporting using available toolsets and scripting languages (e.g., Python, Perl, Bash).
- Automate the vulnerability management process and day-to-day tasks.
- Interface with executive leadership and technical staff to communicate findings, strategies, and remediation plans effectively.
- Develop and maintain penetration testing and vulnerability assessment methodologies, procedures, and tools.
- Stay current with the latest security threats, vulnerabilities, and trends, and integrate this knowledge into testing procedures and methodologies.
- Conduct security assessments for third-party vendors and suppliers to ensure compliance with security standards and policies.
- Prepare comprehensive reports and presentations that convey complex security findings to both technical and non-technical stakeholders.
- Collaborate with various teams within the organization, including Product Development, Blue Team, Security Engineering, and Vulnerability Management, to ensure comprehensive security coverage.
- Procure, develop, and maintain an inventory of security tools needed for various operations.
- Identify, collect, and report metrics related to the program's progress, operations, and findings.
- Research and assess new threats and vulnerabilities, providing informed recommendations for mitigating risks.
Created: 2024-09-28
Reference: 2024-56225
Country: United States
State: New York
City: New York
ZIP: 10036
Similar jobs:
-
Security Engineer, Maximum Application Security Team (MAST)
Amazon in New York, New York💸 $136000 per year -
Network and Security Engineer
Marist College in Poughkeepsie, New York💸 $80000 - $80000 per year -
Security Engineer II, Application Security Automation
Amazon in New York, New York💸 $136000 per year -
Security Engineering, L1 Support Engineer - USDS
TikTok in New York, New York -
Senior Application and Infrastructure Security Engineer
StateJobsNY in New York, New York -
Security Engineer II, Application Security
Amazon in New York, New York💸 $136000 per year -
Specialist Cyber Security Engineer Operations Technology
Metropolitan Transportation Authority in New York, New York💸 $118404 - $139755 per year -
Product Security Engineer
News Corp. Class A in New York, New York -
IT Security Engineer
MetroPlusHealth in New York, New York -
Student Assistant Internship (Information Security Engineering), Ref# 7814
StateJobsNY in Albany, New York -
Software Development Engineer III, Devices \u0026 Services Security
Amazon in New York, New York💸 $151300 per year -
Lead Security Engineer
Insight Global in New York, New York -
IT Security Engineer
NYC Health Hospitals in New York, New York -
Security Engineer II, AppSec Testing and Intelligence Automation
Amazon in New York, New York💸 $136000 per year -
(General Hire) Cybersecurity Engineering Intern (Security & Privacy, USDS)- 2025 Summer (BS/MS)
TikTok in New York, New York -
Security Engineer (Security Posture Analysis) - Offensive Security Operations - USDS
TikTok in New York, New York -
Cloud Network Security Engineer
SAIC in Remote Work, New York💸 $120001 - $160000. per year -
Tech Lead, Product Security Engineering
Google in New York, New York -
Security Engineer
Lawrence Harvey in New York, New York -
Security Engineer, Application Security Automation
Amazon in New York, New York💸 $136000 per year