Senior Software Engineer- Security Team

We are seeking a highly skilled Senior Software Engineer to spearhead the development and orchestration of our automated vulnerability management program. The ideal candidate will leverage their expertise in process automation and solution design to implement and streamline processes, standardized procedures, and integrated workflows. Their primary focus will be on efficiency of security controls and processes across our systems and applications, ensuring timely remediation for security findings. This role is instrumental in safeguarding the integrity of our systems and data against emerging threats.

The Impact You Will Make:

• Ensure that Grubhub’s key business initiatives are delivered securely
• Enable Grubhub to reduce its security risk and improve in security maturity
• Build highly scalable & reliable process to ensure and improve the efficiency, accuracy and integrity of the vulnerability management program
• Be accountable for delivery, deployment, maintenance, and monitoring the performance of the vulnerability management process, directly contributing to the fortification of our defenses against evolving cyber threats.
• Evaluate tools, technologies, frameworks, and vendors to our security posture along with other senior Cyber Security team members and partners from other teams.
• Write performant and concise code to meet the defined standards here at Grubhub, review the code of peers, and ensure security and scalability of the features you work on.
• Help other team members to create the backlog of tech debt and features, suggesting areas for improvement and enhancement.
• Actively work with members from other teams in the domain and be a team player, and promoting a collaborative work culture.

Key Responsibilities:

• Write performant and concise code to meet the defined standards here at GrubHub, review the code of peers, and ensure security and scalability of the features you work on.
• Develop and orchestrate an automated vulnerability management program, including the creation of streamlined processes, standardized procedures, and integrated workflows.
• Utilize automation tools and technologies to rapidly ingest, classify, triage, and communicate vulnerabilities and associated business risks to product managers, software engineers, and senior leaders.
• Collaborate with cross-functional teams to prioritize and remediate vulnerabilities based on their criticality and potential impact on business operations.
• Stay current with emerging cybersecurity threats, vulnerabilities, and industry best practices to continually enhance the effectiveness of the vulnerability management program.
• Provide technical guidance and mentorship to junior team members on vulnerability management techniques and methodologies.

Requirements:

• Bachelor's degree in Computer Science, Information Technology, or related field; advanced degree preferred.
• 5 years of development experience with proficiency in Python are required, Java is preferred
• Demonstrated experience in developing scalable solutions to consolidate and automate multiple processes
• Familiarity with DevSecOps practices and CI/CD pipelines.
• Understanding of common vulnerabilities and exposures (CVEs), Common Vulnerability Scoring System (CVSS), and related vulnerability databases.
• Excellent communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders.
• Strong analytical and problem-solving abilities, with a keen attention to detail.
• Proven ability to work effectively in a fast-paced, dynamic environment and manage multiple priorities simultaneously.

Preferred Qualifications:

• Familiar with vulnerability assessment tools, techniques, and methodologies, including vulnerability scanning, penetration testing, and risk assessment.
• Experience with cloud security and containerization technologies (e.g., AWS, Azure, Docker, Kubernetes).
• Experience with writing and integrating steps into the CI/CD pipelines.
• Knowledge of regulatory compliance frameworks such as PCI DSS.
• Industry certifications such as CISSP, CISM, GSEC or CEH.

And Of Course Perks:

• Flexible PTO. Grubhub employees enjoy a generous amount of time to recharge.
• Health and Wellness. Excellent medical, dental and vision benefits, 401k matching, employee network groups and paid parental leave are just a few of our programs to support your overall well-being.
• Compensation. You'll receive a highly-competitive compensation package with eligibility for generous incentives, bonuses, commission, and RSUs.
• Free Meals. Our employees get a weekly Grubhub credit to enjoy and support local restaurants.
• Social Impact. We believe in giving back through programs like the Grubhub Community Relief Fund, and provide our employees opportunities to support causes that are important to them.

Grubhub is an equal opportunity employer. We welcome diversity and encourage a workplace that is just as diverse as the customers we serve. We evaluate qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. If you’re applying for a job in the U.S. and need a reasonable accommodation for any part of the employment process, please send an email to TalentAcquisition@grubhub.com and let us know the nature of your request and contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address.

If you are a resident of the State of California and would like a copy of our CA privacy notice, please email privacy@grubhub.com.