- We bring innovative thinking to the situations at hand.
- We seek out and incorporate diverse views to strengthen our outcomes.
- We work on challenging and rewarding projects.
- We offer competitive benefits:
- Hybrid work schedule (shared in-office days Tuesdays - Thursdays)
- Generous Time Off
- 40 Hours of Volunteer Time Off
- Tuition Reimbursement and Student Loan Repayment
- Paid Family Leave and Flexible Spending Accounts
- 401k with up to 5% employer match
- Fitness and Emotional Wellness Reimbursements
- Vulnerability Discovery and Management: Lead the effort to find security vulnerabilities across the organization's assets, including servers, web services, network devices, cloud infrastructure, and SaaS applications. This includes implementing and supporting security scanning tools such as Tenable, Amazon Inspector, SAST, and DAST, and conducting manual penetration tests when necessary.
- Triage and Prioritization: Evaluate identified vulnerabilities to figure out their nature, urgency, and potential impact. Work with technical and operational teams to categorize and prioritize vulnerabilities based on their refactored risk level, assigning proper response measures from immediate fixes to compensating controls.
- Technical Remediation: Collaborate with development, operations, and technology teams to address vulnerabilities in code, configurations, patches, and third-party libraries. Ensure proper mitigations are in place, including refactoring code, adjusting configurations, applying patches, or implementing compensating controls.
- Process Optimization and Reporting: Set up and manage an ongoing vulnerability management process that includes tracking, reporting, and communication mechanisms. Generate regular dashboards, reports, and updates for stakeholders and executives, ensuring compliance with regulatory requirements such as NY DFS, SOX, and SOC 2, and addressing specific customer needs.
- Continuous Improvement: Drive continuous improvement initiatives to optimize the technical security vulnerability management process. This includes refining the scope of scanning activities, expanding the vulnerability database, and enhancing collaboration with development and infrastructure teams to find and address vulnerabilities earlier in the application and infrastructure delivery process.
- Success for the Cybersecurity Engineer in the first year will include the establishment of a robust and efficient vulnerability management program that encompasses the full lifecycle from identification to remediation and reporting. This includes effectively integrating security tools and procedures into application delivery pipelines, reducing the time to detect and remediate vulnerabilities. Additionally, the engineer will have developed a comprehensive reporting and communication structure, offering clear insights into the organization's security posture, meeting regulatory requirements, and achieving measurable improvements in reducing vulnerabilities across critical assets.
- An undergraduate degree in cybersecurity or equivalent and relevant industry experience.
- 10+ years in cybersecurity with a strong emphasis on technical security vulnerability management, including penetration testing.
- Demonstrated ability to educate an engineering audience about technical application security vulnerabilities, i.e., OWASP Top Ten, OWASP API Security Top 10.
- Adept in a data-driven approach for decision-making and a risk-based mindset to prioritize and address security concerns effectively.
- A clear understanding of the business impact of security and the ability to align security strategies with business goals.
- Excellent communication and people skills, capable of engaging effectively with various functional areas.
- Analytical and problem-solving abilities.
- Strong understanding of AWS and Azure cloud services and experience finding and addressing security vulnerabilities within cloud platforms and workloads.
- Experience in DevSecOps practices, particularly in automating security testing within CI/CD pipelines and conducting static and dynamic code analyses.
-
Cybersecurity Engineer
4 days ago
Shaw University Raleigh, United StatesJob Summary: · Reporting to the Chief Information Officer, the Cybersecurity Engineer safeguards our digital assets against unauthorized access, modification, or destruction. This role is crucial in creating and maintaining our security infrastructure, responding to cyber threat ...
-
Senior Cybersecurity Engineer
1 day ago
Jobot Raleigh, United StatesJob Description · Job Description100% Remote on EST / Contract Consultant Opportunity / No Visas or C2C / Must be US Citizen / Draw on both your offensive and defensive cyber skills to understand the entire attack surface · This Jobot Consulting Job is hosted by: Blake Williams · ...
-
SR. Cybersecurity Engineer
2 weeks ago
Insight Global Raleigh, United StatesA lot of the responsible for ensuring the confidentiality, integrity, and availability of information through the design, implementation and management of the enterprise security systems while maintaining compliance with HIPAA, corporate policies, and other regulatory requirement ...
-
OT/ICS Cybersecurity Engineering Consultant
2 weeks ago
Coffman Engineers Raleigh, United StatesOT/ICS Cybersecurity Engineering Consultant (5+ years) · At Coffman Engineers, we serve as both prime consultant and sub consultant on projects large and small, including commercial, retail, institutional, government, industrial, and project/construction management. Incorporated ...
-
Cybersecurity Engineer
2 weeks ago
VetsEZ Durham, United StatesVetsEZ is seeking a highly talented Cybersecurity Engineer to be part of a remote team. The candidate will join the team as a Cybersecurity Engineer, where their expertise will be utilized to identify and minimize cybersecurity risks for the Department of Veterans Affairs (VA). T ...
-
Senior Cybersecurity Engineer
1 week ago
Blackwomenintech Cary, United StatesThe Team · We are seeking a Senior Cybersecurity Engineer to join American Tower's Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. As a Senior Cybersecurity Engineer, your daily resp ...
-
Senior Cybersecurity Engineer
2 weeks ago
American Tower Cary, United States**The Team** · We are seeking a Senior Cybersecurity Engineer to join American Towers Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. As a Senior Cybersecurity Engineer, your daily r ...
-
Senior Cybersecurity Engineer
2 weeks ago
American Tower Cary, United StatesJob Description · The Team · We are seeking a Senior Cybersecurity Engineer to join American Tower's Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. As a Senior Cybersecurity Enginee ...
-
Principal Cybersecurity Engineer
5 days ago
American Tower Corporation Cary, United States Full timeThe Team · We are seeking a Principal Engineer, Cybersecurity Engineering to join American Tower's Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. Day to day you will observe all the ...
-
Cybersecurity Engineer
2 weeks ago
Ultra Wake Forest, United StatesUnleash the Power of Multi-Mission Excellence: Safeguarding the Seas for the World's Navies. · Step into a world where cutting-edge technology meets unparalleled expertise. Ultra Maritime pioneers delivering multi-mission solutions that protect and empower the naval forces world ...
-
Cybersecurity Engineer
1 week ago
Labcorp Durham, United States Full timeLaboratory Corporation of America (LCA) is seeking a Cybersecurity Engineer to join the Office of Information Security, reporting to the Director of Security Engineering. The Cybersecurity Engineer will have particular strengths in Microsoft technologies, but will work across a v ...
-
Senior Cybersecurity Engineer
1 week ago
American Tower Corporation Cary, United States OTHERThe Team · We are seeking a Senior Cybersecurity Engineer to join American Tower's Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. As a Senior Cybersecurity Engineer, your daily respo ...
-
Cybersecurity Engineer
2 weeks ago
Ultra Maritime, Ocean Systems Wake Forest, United StatesUnleash the Power of Multi-Mission Excellence: Safeguarding the Seas for the World's Navies. Step into a world where cutting-edge technology meets unparalleled expertise. Ultra Maritime pioneers delivering multi-mission solutions that protect and empower the naval forces worldwid ...
-
Senior Manager, Cybersecurity Engineering
3 weeks ago
American Tower Cary, United StatesThe Team · We are seeking a Senior Manager, Cybersecurity Engineering to join American Tower's Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. Day to day you will observe all the secu ...
-
Senior Manager, Cybersecurity Engineering
2 weeks ago
American Tower Cary, United StatesThe Team · We are seeking a Senior Manager, Cybersecurity Engineering to join American Tower's Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. Day to day you will observe all the secu ...
-
Senior Manager, Cybersecurity Engineering
3 weeks ago
American Tower Cary, United StatesJob Description · The Team · We are seeking a Senior Manager, Cybersecurity Engineering to join American Tower's Information Security team. The team protects the confidentiality, integrity, and availability of data and systems in core systems and platforms. Day to day you will o ...
-
Sr. Cybersecurity Engineer
2 weeks ago
Latino Community Credit Union Durham, United StatesThe Sr. Cybersecurity Engineer will safeguard LCCU's enterprise networks, systems, and applications against cyber threats. Will play a critical role in ensuring the security and integrity of LCCU's digital assets, ensuring the trust and confidentiality of LCCU's sensitive data an ...
-
Sr. Cybersecurity Engineer
2 weeks ago
Latino Community Credit Union Durham, United StatesThe Sr. Cybersecurity Engineer will safeguard LCCU's enterprise networks, systems, and applications against cyber threats. Will play a critical role in ensuring the security and integrity of LCCU's digital assets, ensuring the trust and confidentiality of LCCU's sensitive data an ...
-
Sr. Cybersecurity Engineer
2 weeks ago
Latino Community Credit Union Durham, United StatesThe Sr. Cybersecurity Engineer will safeguard LCCU's enterprise networks, systems, and applications against cyber threats. Will play a critical role in ensuring the security and integrity of LCCU's digital assets, ensuring the trust and confidentiality of LCCU's sensitive data an ...
-
Cybersecurity Senior Engineer
6 days ago
Truist Financial Corporation Zebulon, United StatesThe Senior IR Engineer within the advanced 24/7 Cyber Incident Response Team (CIRT), works in an interrupt mode and is responsible for receiving, investigating, and resolving all escalations properly. As Digital Forensics & Incident Response (DFIR) Security, Cybersecurity, Engine ...
Cybersecurity Engineer - Raleigh, United States - Enact Holdings, Inc.
Description
At Enact Mortgage Insurance (Nasdaq: ACT), we understand that there is no place like home. That is why we bring our deep expertise, insightful offerings, and extra mile service to work every day to help lenders put more people in homes and keep them there.
We are looking for a Cybersecurity Engineer in Raleigh, NC to join us in fulfilling our mission, while using our values of excellence, improvement, and connection. In this role, you will assume responsibility for enhancing our technical security vulnerability management processes with an emphasis on finding, triaging, coordinating, and addressing code, configuration, and patch related security vulnerabilities within our application delivery pipelines and in production, within cloud and on-premises.
WHY WORK AT ENACT
Required:
Enact is a leading publicly traded U.S. private mortgage insurance provider, offering borrower-centric products that enable lenders and other partners across the U.S. to help people responsibly achieve and maintain the dream of homeownership.
By empowering customers and their borrowers, Enact seeks to positively impact the lives of those in the communities in which it serves in a sustainable way. Headquartered in Raleigh, North Carolina, we play an active role in supporting a healthier Triangle community. We also support our colleagues' philanthropic efforts in their home communities across the U.S.
Enact values all perspectives, characteristics and experiences, and DEI remains at the forefront of what we do. We strive to create an environment where employees can bring their full, authentic selves to work to help each other and their customers.
We are proud to be an equal opportunity employer and all hiring decisions are based on merit, qualifications, and business needs. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.