Staff Security Engineer
4 weeks ago
MUST HAVE STRONG: 7+ years in Cybersecurity roles, with at least 3 years specializing in Attack Surface Management. 5+ years of hands-on experience with Qualys ASM Platform (mandatory). 5+ years of experience with cloud platforms (AWS, Azure, or GCP) and securing cloud-based assets. We are seeking an External Attack Surface Management Staff Security Engineer to lead our efforts in identifying, analyzing, and mitigating risks associated with our organization's internet-facing assets. This critical role ensures that external assets, services, and endpoints are continuously monitored, assessed, and protected against emerging threats. The ideal candidate will have a strong background in cybersecurity, deep expertise with Qualys ASM Platform (mandatory), and a proactive approach to managing risks. Key Responsibilities: Attack Surface Discovery and Inventory - Leverage Qualys ASM Platform and advanced tools to identify external-facing assets such as cloud resources, domains, subdomains, APIs, and third-party integrations. Maintain an up-to-date inventory of all external assets and ensure continuous monitoring for changes or exposures. Vulnerability Identification and Remediation - Conduct regular scans and assessments using Qualys ASM to identify vulnerabilities across the attack surface. Collaborate with internal teams to prioritize and remediate vulnerabilities promptly. Automate vulnerability detection and notification processes. Risk Assessment and Threat Analysis - Analyze risks associated with identified vulnerabilities and provide actionable recommendations to mitigate exposure. Monitor emerging threats targeting external assets and take proactive measures to address them. Incident Response and Escalation - Act as the Subject Matter Expert (SME) for incidents involving external-facing assets. Provide analysis and recommendations during incident response and forensic investigations. Tool Management and Automation - Manage and optimize Qualys ASM Platform, including configuration, updates, and integration with other security tools (e.g., SIEM, SOAR). Develop scripts or workflows to automate attack surface discovery and monitoring. Collaboration and Stakeholder Engagement - Partner with development, DevOps, IT, and third-party vendors to secure external assets throughout their lifecycle. Provide training and awareness on attack surface management best practices. Policy and Governance - Enforce security policies, standards, and guidelines for external assets. Conduct regular security assessments and audits to mitigate risks and maintain compliance with regulations (e.g., PCI DSS, HIPAA, SOX). Reporting and Metrics - Develop reports and dashboards highlighting vulnerabilities, risk trends, and remediation progress. Track and communicate KPIs to measure the effectiveness of the attack surface management program. Preferred Qualifications: Strong understanding of networking, DNS, web applications, APIs, and common vulnerabilities (e.g., OWASP Top 10). Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation. Experience with vulnerability management and penetration testing methodologies. Certifications such as CISSP, GSEC, GPEN, OSCP, or Qualys VMDR/CSAM are highly desirable. Excellent communication, reporting, and problem-solving skills.
-
Staff Product Security Engineer
3 weeks ago
Chicago, United States PayPal Full timeJoin to apply for the Staff Product Security Engineer role at PayPal. 3 days ago Be among the first 25 applicants. As a Staff Product Security Engineer at PayPal, you’ll drive secure design practices that safeguard 434M accounts and $1.6T in annual payment volume. You’ll lead the Security Design Reviews Program and Security Champions Program, partner...
-
Staff Product Security Engineer
3 weeks ago
Chicago, United States PayPal Full timeCompany PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two‑sided network at scale that...
-
Staff Security Research Engineer
3 weeks ago
Chicago, United States Proofpoint Full timeStaff Security Research Engineer Join Proofpoint as a Staff Security Research Engineer. About Us Proofpoint is a leader in human‑centric cybersecurity, protecting half a million customers worldwide. What You’ll Do Design and develop software primarily in Python, leading other engineers on the team. Modify existing web‑based UI for internal tools to...
-
Staff Security Engineer
3 weeks ago
Chicago, United States Tech Tammina Full timeMUST HAVE STRONG : 7+ years in Cybersecurity roles, with at least 3 years specializing in Attack Surface Management. 5+ years of hands–on experience with Qualys ASM Platform (mandatory). 5+ years of experience with cloud platforms (AWS, Azure, or GCP) and securing cloud‑based assets. We are seeking an External Attack Surface Management Staff Security...
-
Staff Product Security Engineer
3 days ago
Chicago, IL, United States PayPal Full timeThe Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale...
-
Staff Security Operations Engineer
3 weeks ago
Chicago, United States Canonical Full timeGet AI-powered advice on this job and more exclusive features. We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value...
-
Staff Product Security Engineer
2 weeks ago
Chicago, United States ExecutivePlacements.com Full timeRole Overview PayPal seeks a seasoned security expert to lead complex, high‑impact security projects across the organization. The role entails setting strategic direction for the Security Design Reviews Program, defining and scaling initiatives such as the Security Champions Program, and driving the integration of secure design practices into global...
-
Staff Security Engineer
7 days ago
Chicago, IL, United States Tech Tammina Full timeMUST HAVE STRONG: 7+ years in Cybersecurity roles, with at least 3 years specializing in Attack Surface Management. 5+ years of hands-on experience with Qualys ASM Platform (mandatory). 5+ years of experience with cloud platforms (AWS, Azure, or GCP) and securing cloud-based assets. We are seeking an External Attack Surface Management Staff Security...
-
Staff Security Engineer
23 hours ago
Chicago, IL, United States Tech Tammina Full timeMUST HAVE STRONG: 7+ years in Cybersecurity roles, with at least 3 years specializing in Attack Surface Management. 5+ years of hands-on experience with Qualys ASM Platform (mandatory). 5+ years of experience with cloud platforms (AWS, Azure, or GCP) and securing cloud-based assets. We are seeking an External Attack Surface Management Staff Security...
-
Staff Security Engineer
3 days ago
Chicago, IL, United States Tech Tammina Full timeMUST HAVE STRONG: 7+ years in Cybersecurity roles, with at least 3 years specializing in Attack Surface Management. 5+ years of hands-on experience with Qualys ASM Platform (mandatory). 5+ years of experience with cloud platforms (AWS, Azure, or GCP) and securing cloud-based assets. We are seeking an External Attack Surface Management Staff Security...
