Senior Vulnerability Management Engineer

About The Position

Requirements

• Deep understanding of vulnerability management tools (e.g., Nessus, Qualys, Tenable), systems architecture, and security technologies.
• Extensive experience in vulnerability assessment and management within large-scale, complex IT environments.
• Working with large eco systems with a number of security related tools such as Asset Management, Vulnerability Scanners (Nessus, Qualys), Endpoint Protection (CrowdStrike, Defender), SEIM etc…
• Proficiency in scripting languages (e.g., Golang, Python, Bash, PowerShell) and experience with automation tools.

Nice To Haves

• Relevant certifications such as CISSP, CISM, or CEH are preferred
• Exceptional communication skills, with the ability to translate technical issues into business risks for stakeholders.
• Ability to make critical decisions under pressure and in complex situations.
• High level of integrity, professionalism, and attention to detail.
• Prior experience in a global, large-scale manufacturing environment is a plus.

Responsibilities

• Lead Vulnerability Management: Take ownership of the vulnerability management lifecycle, including identification, assessment, prioritization, remediation, and reporting of security vulnerabilities.
• Oversee regular vulnerability scans, penetration tests, and security assessments to identify weaknesses in systems, networks, and applications.
• Attack Surface Reduction: Analyze and map the organization’s attack surface, identifying potential entry points and areas of exposure.
• Develop and implement strategies to reduce the attack surface across all digital assets, ensuring proactive defense against emerging threats.
• Continuously monitor changes to the IT environment to ensure the attack surface remains minimized.
• Collaboration & Mentorship: Work closely with cross-functional teams, including IT, DevOps, and security operations, to integrate vulnerability management practices into development and operational processes.
• Provide mentorship and training to junior security team members.
• Stakeholder Communication: Effectively communicate vulnerability management activities, findings, and risk mitigation strategies to technical and non-technical stakeholders, including senior leadership.
• Critical Decision-Making: Make informed, critical decisions in high-pressure situations, ensuring the protection of the organization’s infrastructure and data.
• Governance & Continuous Improvement: Stay current with the latest vulnerability management tools, technologies, and methodologies, and continuously improve the organization’s vulnerability management program.
• Ensure that vulnerability and attack surface management processes comply with industry standards, regulations, and organizational policies.
• Automation and Tooling: Evaluate and implement tools and technologies to automate vulnerability scanning, risk assessment, and remediation tracking.
• Develop and maintain scripts, tools, and processes to streamline and enhance the effectiveness of the vulnerability management program.

Benefits

• You will be eligible to participate in Sandisk's Short-Term Incentive (STI) Plan, which provides incentive awards based on Company and individual performance.
• Depending on your role and your performance, you may be eligible to participate in our annual Long-Term Incentive (LTI) program, which consists of restricted stock units (RSUs) or cash equivalents, pursuant to the terms of the LTI plan.
• RSU awards are also available to eligible new hires, subject to Sandisk's Standard Terms and Conditions for Restricted Stock Unit Awards.
• We offer a comprehensive package of benefits including paid vacation time; paid sick leave; medical/dental/vision insurance; life, accident and disability insurance; tax-advantaged flexible spending and health savings accounts; employee assistance program; other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity; tuition reimbursement; transit; the Applause Program, employee stock purchase plan, and the Sandisk's Savings 401(k) Plan.