Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $3B in revenue in our last fiscal year with extensive growth potential ahead.
At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company – we made history in 2021 by becoming a
public benefit corporation (PBC), legally bound to balancing the interests of customers, employees, society, and investors.
As a
Work Anywhere company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.
The Role
Veeva is looking for a Vulnerability Management Engineer to support the operation and continued development of our vulnerability management lifecycle, including: scanning, detection, reporting, remediation, and verification. This role will collaborate with teams company-wide to prioritize and assess vulnerabilities against real-world threats and important business considerations. Success is determined by a thorough and sustainable mechanism to address vulnerabilities and issues identified in maintaining compliance with ISO 27001, CIS, and SOC standards.
What You’ll Do
Process and author vulnerability report mechanisms aligned with internal customer requirement
Serve as advisor for IT and product teams, understanding their environments and compensating controls to ensure focus on most critical vulnerabilities
Suggest alternative solutions to patching vulnerabilities to mitigate the risks associated with them
Collect and process vulnerability lifecycle evidence during audits
Maintain the functionality, health, and reporting capabilities of vulnerability management tooling
Identify gaps and contribute to the development of policies and procedures for vulnerability management
Develop and execute strategy and roadmaps to continually evolve and automate the vulnerability management program
Requirements
1+ years’ experience in Vulnerability Management reporting, tracking, metrics, and scanning and assessing results leading to prioritized actions
Hands-on experience in vulnerability management tools such as Tenable, Wiz, Qualys, Rapid7, etc.
Experience in evaluating and assessing a vulnerability severity level based on a variety of internal and external factors surrounding it
Strong communication skills with tactical personnel and senior-level leadership
Understanding of various methods to address vulnerabilities and maintaining compliance
Strong experience coordinating with multiple teams’ solutions to manage and prioritize remediation
Good experience in parsing vulnerability reports to extract more meaningful data that is relevant to the receiving team or customer
Nice to Have
Strong familiarity with Atlassian Jira and Confluence
Familiarity with scripting languages suitable for automation such as Python
Knowledge of governing regulations such as HIPAA, GDPR, ISO 27001, and SOC 2 compliance standards
Exceptional skill in excel data transformations, pivot table creation, and gathering key statistical insights
Good understanding of attack surface management principles
Good familiarity in automating scanning results to different reporting media (excel sheets, Jira, etc)
Good understanding of cloud security principles
Good familiarity of cloud architectural devices such as dockers, containers, EC2, etc
Perks & Benefits
Medical, dental, vision, and basic life insurance
Flexible PTO and company paid holidays
Retirement programs
1% charitable giving program
Compensation
Base pay: $70,000 - $100,000
The salary range listed here has been provided to comply with local regulations and represents a potential base salary range for this role. Please note that actual salaries may vary within the range above or below, depending on experience and location. We look at compensation for each individual and base our offer on your unique qualifications, experience, and expected contributions. This position may also be eligible for other types of compensation in addition to base salary, such as variable bonus and/or stock bonus.
#LI-RemoteUS
Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at
talent_accommodations@veeva.com.
