As a Security Vulnerability Manager (PSIRT) at EclecticIQ, you’ll help us raise our PSIRT capability to the next level by establishing key processes and then operating them and making sure they're running.
As an ideal candidate, you have relevant experience working inside PSIRT team and have been exposed to larger part of activities that this role assumes.
- You will lead EIQ PSIRT by designing, executing, owning and being accountable for all EIQ PSIRT processes.
- You will together with the teams identify required tools and practices.
- You will own and manage inbound reports of security vulnerabilities.
- You will lead the receipt, resolution and disclosure of security vulnerabilities across products and services.
- You will expand PSIRT knowledge to all related teams.
- You will work back-to-back with Product and Technology Teams on shipping new products and services.
- With the Technology Team you’ll get to promote secure coding, perform security code reviews and advise on secure technical design and best practices while main activity being continuous security vulnerability assessment of code/dependency contributions and its integration into Continuous Integration and Delivery processes.
- With the Product Team you'll help with embedding security perspective into Product requirements.
- With the Customer Success Team you will need to be able to help our customers manage, understand and assess impact of security vulnerabilities related to our products and services.
- Prior experience in vulnerability management and cloud, mobile, or application security OR demonstrated security experience in either a forensic or an offensive security focused role.
- Ability to assemble and lead virtual teams to resolve security incidents.
- Ability to work collaboratively and remotely with others to accomplish complex goals.
- Proven experience dealing with escalated, customer-facing issues (security preferred).
Nice to have
- Previous working experience within PSIRT
- Understanding of Agile software development processes.
- Knowledge of industry practices for responsible disclosure of security threats and product vulnerabilities.
- Full-time position
- Start date: as soon as possible
- Market conform salary and ESOP participation
- Location: EclecticIQ office in the city centre of Amsterdam
- 24 vacation days, based on full-time engagement
- Remote friendly work environment
EclecticIQ enables intelligence-powered cybersecurity for government organisations and commercial enterprises. We develop analyst-centric products and services that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments. Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation, and threat hunting, as well as incident response efforts. And we tightly integrated our solutions with our customers’ IT security controls and systems. EclecticIQ operates globally with offices in Europe, United Kingdom, and North-America, and via certified value-add partners.
Learn more at www.eclecticiq.com