Security Engineer II - Vulnerability Management

  • Full-time

Company Description

Twitter is what’s happening and what people are talking about right now. For us, life's not about a job, it's about purpose. We believe real change starts with conversation. Here, your voice matters. Come as you are and together we'll do what's right (not what's easy) to serve the public conversation.

Job Description

You will be responsible for helping manage and maintain the sTwitter’s Vulnerability Management Program. This program helps track vulnerabilities at Twitter, and works with a variety of teams to ensure they are addressed.

As a security engineer in the Vulnerability Management team, you will:

  • Analyze results from vulnerability scanners, our bug bounty program, third party alerts, and other inputs to identify vulnerabilities and recommend appropriate responses.

  • Validate, prioritize, and triage identified vulnerabilities to product/service owners.

  • Surface data about false-positives reports and make recommendations for scanner modifications to improve quality of output.

  • Track remediation/patch metrics and identify any blockers to remediation.

  • Educate product/service owners about their obligations and enforce remediation timelines.

  • Support the operation of Vulnerability Management tools, including upgrades, patching, and maintenance, and coordinate with third-party vendors where applicable.

  • Escalate issues to incident response, legal, and privacy partners where applicable.

Qualifications

  • Undergraduate degree or equivalent experience (engineering, social sciences, arts, etc. are all fine)

  • At least 1 year of relevant experience (other jobs, grad school, etc) in information security

  • Broad knowledge of attack vectors, exploits, and mitigations that work at scale.

  • Experience with security testing tools, vulnerability management, and risk assessment.

  • Understanding of security challenges in service architectures or large distributed systems.

Additional Information

All your information will be kept confidential according to EEO guidelines.

We care deeply about the people who use our platform. We strive to protect them and ensure they can make informed decisions about how they choose to use Twitter. We put our users first and consider their well-being in all of our decisions.

We care about making work rewarding and productive for everyone, with flexibility in where and how you work, wellness benefits, twenty weeks of parental leave, and unlimited vacation that we believe you should be taking.

We value diversity of experience and ideas. We love sharing knowledge and learning from each other. We have regular lightning talks and get together with the other Twitter teams for tech talks. And there are many study groups you can join.

Privacy Policy