Description
In this role, you will:
The Software engineer will be a key part of the Cloud engineering team, reporting to the Head of VM Operations. They will be responsible reviewing, designing and implementing a new approach to extract and push cloud vulnerability findings in to the Vulnerability Consolidation Platform. The target is to ensure consistent data is available and that data feeds present assets and findings with the ownership information provided from source.
Recruitment process:
- Initial interview (with hireplace.it) [~15 min.]📞
- General interview (HR & technical) [30-60 min.]💡
- Tech interview [1h-1,5h]🖥
- Decision 🤝
Responsibilities
- TOOLING OPERATIONAL MANAGEMENT:
- Review and assess the current data flows from scanning through to consolidation in to the vulnerability consolidation platform
- Ensuring all assets with vulnerabilities have ownership identified and available to be presented / consolidated in to the Vulnerability Consolidation Platform
- Ensure that the vulnerability feeds are presenting or making available all identified vulnerabilities in a format consumable by the vulnerability consolidation platform.
- Understanding how to develop and extract findings from the native vulnerability scanning tool and interlink with the AWD asset inventory
- Monitoring the Vulnerability Consolidation platform to ensure that all down/upstream operational systems utilising data can consume it. Escalating any identified issues to management
- Vulnerability Consolidation Platform:
- Uplifting the VCP to be able to accommodate direct vulnerability feeds from source.
- Ensuring all vulnerability data feeds are functioning as per design and that new data feeds remain on track for delivery into production.
- KEY PARTNER ENGAGEMENT:
- Collaborating with the Cloud CSP leads, The Vulnerability Operations Team and Vulnerability Management Reporting teams, who are accountable for the end to end vulnerability data flows.
- MEETING MANAGEMENT:
- Administration and management of meetings including planning/executing the agenda, monitoring attendance and recording/ tracking the actions.
- GENERAL:
- Adhoc tasks as required, including support to other operational and governance activities within Cybersecurity.
- Ensuring values and ‘tone of voice’ are maintained across all communication content and channels.
Requirements
- Commercial experience with GCP (must have!)
- Experience of identifying issues and tracking them to conclusion.
- Excellent organisational, administrative, analytical and data management skills, with the ability to work accurately and methodically whilst under pressure to meet deadlines.
- Excellent written and oral communication skills, including the ability to work on reports/ presentations for senior management, and present to large audiences
- Experience of influencing, challenging and managing stakeholders.
- Strong interpersonal skills with the ability to build effective working relationships with colleagues and work well as part of a team.
- Pro-active, independent individual with a positive attitude who is able to work remotely
- Understanding of Microsoft Teams and Confluence.
- Understanding of the Vulnerability Management lifecycle (including scanning and assessment approaches) and Patch management.
- Expert usage of Python, Terraform, Bash/Powershell and BigQuery
We offer
- Contract via contracting company ♾️
- Attractive salary on B2B contract 💸
- One month notice period 🤝
- Private health care (LuxMed), employees’ benefits (Multisport) 🏥
- Informal work environment 👕👖
- Agile methodologies
- (Almost) 100% remote work (max. 3 days a month from the office in Krakow) 🏡🏡🏡🏡🏢