Principal Engineer Attack Surface Management

What success looks like in this role:

Team and Role Overview:

The Attack Surface Management (ASM) team is integral to reducing attack vectors and surfaces within the Unisys organization. We are currently in search of a Principal Engineer to lead the ASM team technically overseeing and executing ASM processes and collaborating with Intel and Offensive Security team in their projects participating penetration testing. This role involves collaborating with other security teams to identify and refine processes review existing architecture identify gaps and recommend security enhancements while also providing guidance and mentorship to team members. Additionally managing security posture in the cloud necessitating expertise in AWS GCP Azure and familiarity with CIS security controls in cloud environments.

What Success Looks Like in This Role:

Serve as the principal and technical owner of different services within the ASM function.

Drive automation and enhancement of ASM processes.

Proficiency in identifying common vulnerabilities including OS Web API and Infrastructure.

Familiarity with Multi-Cloud Infrastructures and Services with knowledge of implementing CIS controls for Cloud and OS.

Understanding of common web application frameworks and web-based APIs.

Experience with scripting languages such as Bash Python Perl PowerShell etc.

Solid grasp of Open-Source Intelligence (OSINT) gathering techniques to support ASM activities.

Ability to manage organize analyze and present large amounts of data effectively.

Capability to work efficiently with minimal supervision.

Strong understanding of common vulnerabilities and testing methodologies.

Aptitude for communicating broader risks associated with vulnerabilities.

Working experience with Cloud Security Posture Management tools like Wiz CrowdStrike etc.

#LI-SP2

You will be successful in this role if you have:

A Bachelors or Masters degree in Computer Science Information Systems or a related field or equivalent work experience.

10 years of experience in security especially in preventive security such as application security penetration testing and vulnerability management.

Experience in security project management.

A commitment to continuous learning to stay updated with the evolving threat and adversary landscape.

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age blood type caste citizenship color disability family medical history family status ethnicity gender gender expression gender identity genetic information marital status national origin parental status pregnancy race religion sex sexual orientation transgender status veteran status or any other category protected by law.

Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.

If you are a US job seeker unable to review the job opportunities herein or cannot otherwise complete your expression of interest without additional assistance and would like to discuss a request for reasonable accommodation please contact our Global Recruiting organization at . US job seekers can find more information about Unisys EEO commitment here.