Job Description :
*Primary Location: *2002 Summit Blvd, Atlanta, GA, USA*Division: *Cox Automotive*Job Level: *Individual Contributor*Travel: *No*Schedule: *Full-time*Shift: *Day Job*Requisition Number: * 202200667 At Cox, we’re forward-thinking innovators who put people first. Our award-winning workplace culture is centered on inclusion and kindness, and we’re looking for people to join our mission to be a force for good in the world. Come build a better future with us across automotive, communications, the environment and more.We want to do everything we can to keep our employees safe and healthy. Therefore, where permitted by applicable law, you will need to be fully vaccinated against COVID-19 to be considered for this U.S.-based job. Reasonable accommodations for medical and religious objections will of course be considered.Keep reading to learn more about this opportunity to join the Cox family of businesses.Cox Automotive is seeking to hire a Lead Security Engineer to join the ERS team in either Atlanta, GA or Lake Success, NY. This position will report to the Director of Vulnerability Management and will collaborate with a team of Vulnerability Management and offensive security specialists. The Lead Security Engineer will be responsible for contributing to and maintaining a Vulnerability Management Program that spans across the entire Cox Automotive enterprise and will be responsible for upholding policies associated with the identification and remediation of infrastructure and application vulnerabilities.Key Responsibilities:* Responsible for vulnerability management activities pursuant to the identification of infrastructure and application vulnerabilities and the delivery of metrics to management to demonstrate vulnerability management improvement across the organization.* Execute company-wide Vulnerability Management security initiatives in accordance with existing policies to ensure policies and initiatives are understood, implemented, and monitored by Cox Automotive stakeholders in various business units.* Work in close partnership with teammates, management, and senior technology professionals, network and infrastructure administrators, and software engineers to perform vulnerability testing and to assist in implementing vulnerability and risk remediation or mitigation plans.* Review and coordinate vulnerability response and vulnerability remediation efforts for vulnerabilities identified during internal and external audits, security assessments and penetration tests.* Monitor the risk and vulnerability landscape at Cox Automotive to identify and prioritize new vulnerabilities, existing vulnerabilities, and exploits that could pose threats to Cox Automotive or that could cause harm to the organization. They will work collaboratively with various teams to remediate or mitigate risks in a timely manner.* Be a key contributor to an offensive security program with in-house penetration testers. Develop and maintain tools and scripts used in penetration testing and red team processes.* Work closely with the Cybersecurity Operations team to leverage threat intelligence sources, identify new threats in the wild, and verify the organizations security posture against them.* Regularly research and learn new TTPs in public and closed forums, and work with teammates to assess risk and implement and validate security controls as necessary.* Understand breach and attack simulation (BAS) solutions and work with the team to validate the effectiveness of security controls.* Liaise with the Cyber Defense, Intel and Response teams to improve tool usage and workflows, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.* Work with and cross-train offensive and defensive colleagues on new TTPs and mentor junior teammates.* Perform other duties as assigned. Qualifications: * Where permitted by applicable law, must be fully vaccinated against COVID-19 to be considered for this U.S. based job. (Reasonable accommodations for medical and religious objections will be considered.)* BA/BS Degree, preferably formal studies in Computer Science or Information Systems or equivalent * 8-10 years experience in Vulnerability Management, Information Technology or Information Security* Ability to work in a fast-paced and dynamic environment* Excellent organizational, project management, and follow-up skills* Ability to build effective working relationships at all levels of the organization* Proven experience supporting a Technology Vulnerability Management Program as either a manager or lead analyst/engineer* Strong analytical skills, ability to evaluate information, rapidly break it down, and arrive at meaningful conclusions* Experience with application and system vulnerability management solutions such as Qualys, Nessus, Burp Suite, Kali Linux, Splunk, etc.* Technical understanding of IP based networks, various operating systems, wireless technologies, internet-facing applications, etc.* Deep technical understanding of the OWASP Top 10* Effective communication skills: a person in this role must be able to successfully communicate with management personnel, technical personnel and third parties, and explain vulnerabilities and risk in both technical and business termsPreferred:* CISA, CISSP, CISM, OSCP, GSEC or other security certification(s). Who We Are*About Cox Automotive*Theres nothing ordinary about Cox Automotive. We are people of every background driven by our passion for mobility, innovation, client success and community outreach. We make buying, selling and owning (or simply using) cars easier for everyone. Touching more than 40,000 clients across five continents, we bring together the best brands and the best teams to propel the automotive industry forward. Some of those team members work for our iconic consumer brands like Autotrader and Kelley Blue Book, while others are creating the future of automotive at industry-facing brands like Dealer.com, Manheim and vAuto. *About Cox *We are the Cox family of businesses. Weve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions - Cox Communications and Cox Automotive - are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. Were also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. Were looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope youll be going with us, and the common purpose that unites us at of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, [visit our benefits page]( is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individuals age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship. Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.