Cyber Security Engineer

The Opportunity

"This is an opportunity to define, build, and shape the future of FICO’s Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering.

What You’ll Contribute

• Detect, identify, and analyze vulnerabilities across FICO environment.
• 3.6 + years of overall experience.
• Assess the risk of vulnerabilities detected to determine true impact.
• Support stakeholders as a SME to understand technical details of vulnerabilities and steps to carry out remediation.
• Coordinate with stakeholders to track issues remediation until closure.
• Act as a SME for new projects in terms of vulnerability management lifecycle.
• Manage, maintain, and tune tools used to support the VM process.
• Update yourself with the latest security and technology developments.

What We’re Seeking

• Experience in a similar role such as vulnerability management specialist.
• Experience with Qualys or other security vulnerability detection technology required.
• Demonstrates subject-matter expert level understanding in multiple IT, Security and Software disciplines.
• Ability to understand the cause and effect of application vulnerabilities with Operating System Vulnerabilities.
• Must be able to multi-task and keep track of large amounts of information across disparate systems.
• Ability to keep making progress and define future strategy/policy with regards to Enterprise.
• Adherent to ‘continuous monitoring’ and ‘continuous improvement’ thought process.
• Demonstrated technical IT skills, ability to understand and manage different OS flavors, network technologies and topologies.
• Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred).
• Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture.
• Ability to effectively translate and present solutions in business or management terms.
• Ability to work effectively in a team environment.
• Knowledge of Python scripting or other languages is nice to have.
• Moderate documentation and analytical skills; documenting processes, policies, and standards.
• Moderate ability to provide end-to-end support to enterprise counterparts, identifying root- cause of complex enterprise initiatives.
• Moderate trouble shooting skills across complex enterprise applications, server, and endpoint environments.
• Moderate ability to learn onboard and adapt to new technologies.
• Basic privileged access management/right management experience, designing solutions based on least privilege.
• Basic knowledge of malware operation, indicators or threat.
• Moderate knowledge of current threat landscape
• Entry Cybersecurity certifications, such as CompTIA Security +, GIAC Security Fundamentals, GIAC Security Essentials, ISC2 Associate, ISACA Cybersecurity Fundamentals are nice to have.

Our Offer to You

• An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
• The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
• Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
• An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.