Security Engineer, Vulnerability Management and Automation

<p>Figure is an AI Robotics company developing a general purpose humanoid. Our humanoid robot, Figure 02, is designed for commercial tasks and the home. We are based in San Jose, CA and require 5 days/week in-office collaboration. It’s time to build.</p> <p>We are looking for a Security Engineer to join the Security &amp; Privacy team at Figure, focusing on designing, implementing, and managing vulnerability discovery and remediation across enterprise and Cloud environments.</p> <h3><strong>Responsibilities</strong></h3> <ul> <li>Develop systems and tools to improve the security posture of Figure’s enterprise infrastructure, touching domains such as client platform, corporate networks, as well as SaaS infrastructure</li> <li>Build and manage automation for vulnerability management, and help Figure prioritize and address vulnerabilities across the infrastructure</li> <li>Identify, triage, and remediate vulnerabilities and misconfigurations for cloud infrastructure and Figure’s backend services</li> <li>Design and implement security controls for securing backend services and cloud infrastructure at Figure</li> <li>Review and provide security guidance company wide for infrastructure systems, account lifecycle, fleet management and automation.</li> <li>Define and contribute to the team's operational duties (e.g. security reviews, consulting, and on-call), identify areas of improvement by delegating work, improving automation, and runbooks.</li> </ul> <p><strong>Requirements</strong></p> <ul> <li>Experience in several of the following Enterprise Security Domains: Zero Trust/Beyond Corp, Endpoint Security, Cloud Security, Data Loss Prevention, Cryptography and PKI, SaaS Security.</li> <li>Strong understanding of federated authentication/authorization technologies (e.g., SAML, SCIM, OPA, OIDC).</li> <li>Strong understanding of network security mechanisms, including mTLS, 802.1X, SSH, DNSSEC, Certificate transparency, VPN, and others</li> <li>Experience developing and deploying services in multi-cloud environments, preferably one of the following Azure, AWS or Google Cloud Platform</li> <li>Strong software engineering (beyond scripting or automation) skills in C/C++, Rust, Golang, Python or similar.</li> <li>Experience in common tools and processes of adjacent security domains, esp.&nbsp; Detection and Response.</li> <li>Solid knowledge of operating system internals, and experience with several of the following areas: Identity and Access, OS Hardening (macOS, Windows, Linux, ChromeOS), SaaS Security or Assurance and Validation</li> <li>Bachelor of Science in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field</li> <li>6+ years of experience as an Enterprise/Cloud focused Security Engineer</li> <li>Excellent verbal and written communication skills, with high attention to detail</li> </ul> <p>The US base salary range for this full-time position is between $150,000 - $350,000 annually.</p> <p>The pay offered for this position may vary based on several individual factors, including job-related knowledge, skills, and experience. The total compensation package may also include additional components/benefits depending on the specific role. This information will be shared if an employment offer is extended.</p>