We're hiring!

All jobs are 100% remote and applicants must be available 9am - 5pm PDT.

Please include your resume when applying.

Privacy: We will use your data only for our hiring purposes. We do not sell your data.

Tier 2 Triage

Responsibilities

This position will provide vulnerability assessment support, focused on managing incoming vulnerability disclosure cases after they have been already verified (tier 1). Additional responsibilities include performing research and analyzing current threats and vulnerabilities that may affect the enterprise, writing security advisories, and participating as team member performing focused adversarial assessments. 

Activities

  • Owning end-to-end case resolution of incoming security reports, to include any additional investigation

  • Perform research on current threats and vulnerabilities

  • Author security advisories

  • Manage enterprise vulnerability compliance

  • Conduct vulnerability assessments of IT systems

  • Other duties as assigned

Qualifications & Skills

  • Firm understanding of Vulnerability Coordination and Disclosure

  • Familiarity with ISO 29147 and 30111 

  • Demonstrated Experience with vulnerability assessment, including expert experience in at least two of the following areas

    • Vulnerability Assessment

    • Intrusion Prevention and Detection

    • Access Control and Authorization

    • Policy Enforcement

    • Application Security

    • Protocol Analysis

    • Firewall Management

    • Incident Response

    • Encryption

    • Web filtering

    • Advanced Threat Protection

Please include your resume when applying

Tier 3 Security Engineer

Responsibilities

Vulnerability Management Security Engineer is expected to identify solutions for common security problems while participating in a broader Cyber Security team focused on building relationships with developers and engineers across the organization, and executing complex projects with minimal oversight.

Activities

  • Advise the root cause investigation of vulnerabilities and propose sound security engineering resolution.

  • This role will involve engagement as a functional liaison with product and engineering managers, infrastructure owners, security leadership, executive leaders across the company, and development and systems engineers.

  • Familiarity with common vulnerabilities, security bugs, CVE’s, and the various mechanism that Cyber Security organizations use to discover the same is important.

Qualifications & Skills

  • Familiar with various development environments and application security vulnerability.

  • A successful candidate may have exposure to vulnerability tracking tools, risk frameworks, governance committees, an understanding of the nuances of reporting on vulnerability status across the business and up the chain, and a knack for organizing disparate sets of vulnerability data into actionable metrics.

  • An engineering mindset toward tracking of vulnerabilities in automated and scalable ways will take you far.

Please include your resume when applying

© Luta Security, Inc.