Engineer, Lead Vulnerability Management at RITE AID

The Engineer, Lead Vulnerability Management (VM) will focus on programs addressing vulnerabilities in the entire development lifecycle, from design, coding, deployment and at runtime. The incumbent will execute a program develops and operates platforms for identifying, classifying, scanning, and reporting security vulnerabilities in all Rite Aid assets across the company's cloud infrastructure and applications.

• Develop short- and long-term program and product strategies in partnership with product management and other engineering teams
• Build the vulnerability management capabilities for both application vulnerability management as well as systems vulnerability management
• Identify, categorize, report and remediate vulnerabilities in all our environments whether it is on systems, networks, applications, web applications or code
• Drive the risk associated with the identified vulnerabilities down by providing a clear way of patching and fixing these vulnerabilities to other engineering teams

EDUCATION REQUIREMENTS

Education Level

Area of Specialization (Marketing, Finance, Pharmacy, Engineering/IT, etc)

Required Or Preferred

Bachelor Degree

Computer Science/Engineering; or equivalent combination of education and experience **

Required**

Masters Degree

Computer Science/Engineering **

Preferred**

KNOWLEDGE, SKILLS AND ABILITIES

Knowledge, Skills And Abilities

Required or Preferred

• Hands-on experience of different vulnerability management programs
• Vulnerability Management: strong knowledge and experience in managing both Web application vulnerability management lifecycle and Systems vulnerability management lifecycle
• Platform development proven track of designing, coding and delivering large-scale PaaS or IaaS systems, especially on public cloud substrates (AWS/GCP)
• Programming Proficiency in object-oriented and multi-threaded programming to support code-reviews and guiding engineers in at least one of the following languages: Golang, Java, C++, Python
• Security: Strong knowledge in security fundamentals: authentication/authorization frameworks (e.g., SSO, SAML, Oauth), secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI), vulnerability management
• DevOps mindset and strong ownership over owned code (test, monitor, deploy, maintain)
• Ability to lead, motivate and grow teams of developers in a challenging, dynamic and global environment
• Communication: Excellent oral and written communication skills in English

Required

WORK EXPERIENCE

Experience

Areas of Experience (Pharmacy, Compliance, E-commerce, Retail, etc)

Required Or Preferred

7 years of experience in vulnerability management **

Required**

3 years of experience in leadership **

Required**

3 years of experience in a high-availability 24/7 environment **

Required**

The typical starting pay range for this position is between $97,600 - $150,250

annually, although wages can very based on experience and geography.