Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company's cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
With more than 10 years of experience developing, operating, and scaling the cloud, Zscaler serves thousands of enterprise customers around the world, including 450 of the Forbes Global 2000 organizations. In addition to protecting customers from damaging threats, such as ransomware and data exfiltration, it helps them slash costs, reduce complexity, and improve the user experience by eliminating stacks of latency-creating gateway appliances.
Zscaler was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. Zscaler's purpose-built security platform puts a company's defenses and controls where the connections occur (the internet) so that every connection is fast and secure, no matter how or where users connect or where their applications and workloads reside.
The Staff Vulnerability Scanning and Remediation SRE will work with the Sr. Manager, Vulnerability Scanning, and Remediation Management team. This role will be responsible for delivering FedRAMP compliance services to Zscaler customers. You are passionate about information security and have an advanced working knowledge of it, always want to learn and improve, and mentor others. Deep experience in enterprise vulnerability management is required. The ability to drive change and to apply security knowledge and skills are critical success factors. Cross-functional communication skills are necessary for this role, as you will need to translate highly technical concepts into risk impact and advise decision-makers on the best course of action.
Build strong relationships with Compliance, Security, QA, and Engineering teams from across Zscaler.
Identify and handle vulnerability assessments that find vulnerabilities or confirm compliance with security standards, using enterprise vulnerability tools.
Head up compliance and vulnerability scans for ConMon.
Analyze results from vulnerability scans and drive remediation planning.
Assess identified vulnerabilities and compliance results to understand their impact and potential mitigation and create a plan.
You should be able to patch vulnerabilities and rerun the scan to pass compliance.
As a senior-level representative of the Scanning and Remediation team, you should be able to work with Engineering owners, System Engineering teams, and QA in a security expert role to facilitate prioritization and remediation of vulnerability findings.
Ensure documentation of identified false positives and exclusions from scans.
Ensure vulnerability and compliance scan results are consumable by the Security and Engineering teams.
Partner with FedRAMP Compliance team to develop detection content related to vulnerabilities & participate in security findings.
Partner with the Security team to contribute to a common operating picture of aggregate risk exposures.
5+ years of professional/practical IT or IT security experience, or three years and a Master's degree.
Expert-level knowledge of and skills with UNIX-based operating systems, including the ability to patch the OS and fix vulnerabilities.
Two years or more of experience as a full-time vulnerability analyst.
FedRAMP High/Moderate experience is a MUST.
Experience with performing complex vulnerability scans in both on-prem and cloud environments using vulnerability assessment tools like Tenable.
High level of experience in understanding scan results.
Ability to patch, analyze, identify, and develop remediation plans for compliance and vulnerabilities.
In-depth understanding of network & web-based attacks and remediation.
Deep knowledge of well-known vulnerabilities and exploits.
Proven history of solving problems.
Excellent communication skills and the ability to view issues through a business lens while balancing system needs with the required level of security posture.
Attention to detail.
Bachelor's degree in computer science/information security, related discipline, or equivalent work experience.
You are a US citizen, as required for FedRAMP.
All your information will be kept confidential according to EEO guidelines.
What You Can Expect From Us:
An environment where you will be working on cutting edge technologies and architectures
A fun, passionate and collaborative workplace
Competitive salary and benefits, including equity
People who excel at Zscaler are smart, motivated and share our values. Ask yourself: Do you want to team with the best talent in the industry? Do you want to work on disruptive technology? Do you thrive in a fluid work environment? Do you appreciate a company culture that enables individual and group success and celebrates achievement? If you said yes, we'd love to talk to you about joining our award-winning team.
Additional information about Zscaler (NASDAQ: ZS) is available at https://www.zscaler.com.
Zscaler is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.