Senior Product Security Engineer managing security vulnerabilities across Red Hat software and OSS projects. Leading incident response and ensuring compliance with the EU Cyber Resilience Act.
Responsibilities
Manage and provide timely response and disclosure of security vulnerabilities and incidents across Red Hat software, Fedora, and other OSS projects.
Ensure Red Hat Product Security processes and disclosures align with the EU Cyber Resilience Act (CRA) and other relevant regulations.
Conduct in-depth risk assessments on vulnerabilities in Red Hat OSS projects and communicate risks effectively to diverse stakeholders (engineers, architects, senior leadership).
Contribute to customer-facing security documentation, references, and data, including Common Vulnerabilities and Exposures (CVE) pages and metadata.
Provide technical leadership, mentor junior engineers, and drive continuous improvement in vulnerability management practices (e.g., contributing to SBOM generation).
Actively participate in relevant OSS working groups to shape and implement industry standards for vulnerability disclosure and coordination.
Requirements
6+ years of experience in cybersecurity incident management and coordination and/or with delivering technology-related software
Bachelor’s degree in a technical field
Industry certifications like CISSP, CSSLP, CISA/CISM, PMP are a plus
Expert knowledge and practical understanding of the Linux Operating System
Proven expertise in security vulnerabilities, risk assessment, and the Confidentiality, Integrity, and Availability (CIA) triad
Strong change management skills to identify, track, and implement improvements for continuous enhancement of incident response following security events
Ability to work effectively and autonomously in a demanding, fast-paced, and culturally diverse environment across multiple time zones
Exceptional professional written and verbal communication skills in English
Senior Corporate Security Investigator at Duke Energy conducting complex investigations in support of Ethics, HR, Legal, Nuclear, and Enterprise Security with field mobility.
AI Enterprise Security Architect focusing on AI Security architectural standards and integrating security measures into the AI development lifecycle. Leading a global team in securing AI systems.
Cloud Security Engineer supporting and securing client environments across AWS and hybrid infrastructures. Collaborating with Cloud Operations to monitor, investigate, and remediate security events.
Account Cybersecurity Lead providing cybersecurity governance and oversight at Capgemini. Leading client relationships, security management systems, and risk compliance oversight.
Cybersecurity Risk Coordinator at Globo ensuring operational security across digital content. Analyzing risks and developing strategies to enhance business resilience.
Senior SAP Security Specialist managing SAP Security responsibilities and projects. Collaborating on security tools and conducting workshops in Hamburg.
Sales Account Manager for Cyber Security and Awareness at HvS - Consulting GmbH. Providing holistic consulting on Cyber Security services and managing client relationships.
Security Engineer at PRC - Saltillo safeguarding IT infrastructure from cyber threats. Collaborating with IT teams to design and maintain security controls in a hybrid work environment.
Information Security Manager leading cyber security initiatives at NVISO, enhancing clients’ security posture and managing a team of consultants in Germany.
Cybersecurity Assessment Expert at IT - Strat managing A&A of information systems for U.S. federal clients. Ensuring compliance with DOD cybersecurity policies and standards in complex IT environments.