Senior Software Engineer

At Pitney Bowes, we do the right thing, the right way. As a member of our team, you can too.

We have amazing people who are the driving force, the inspiration and foundation of our company. Our thriving culture can be broken down into four components: Client. Team. Win. Innovate.

We actively look for prospects who:
Are passionate about client success.
Enjoy collaborating with others.
Strive to exceed expectations.
Move boldly in the quest for superior and best in market solutions.

Job Description:

Job Summary:

The Vulnerability Management Engineer is responsible for overseeing the identification, assessment, prioritization, and remediation of vulnerabilities within PB s IT infrastructure, applications, and networks on the perimeter. This role ensures the development and execution of a comprehensive vulnerability management program to minimize security risks and maintain a robust perimeter security posture. The Vulnerability Management Engineer will collaborate with a team across various departments, and engage with external vendors and stakeholders to ensure vulnerabilities are addressed in a timely and effective manner.

Qualifications:

Education Experience:

• Bachelors degree in Computer Science, Information Security, or a related field.

• Minimum 3+ years of experience in vulnerability management, information security, or IT risk management.

• Proven experience leading or managing a vulnerability management team or program.

Technical Skills:

• Experience with vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS).

• Familiarity with patch management tools (e.g., WSUS, SCCM, Ivanti).

• Understanding of threat intelligence sources and risk management frameworks (e.g., NIST, CVSS).

• Strong knowledge of network and application security, as well as common vulnerabilities and attack vectors.

Key Responsibilities:

• Leadership and Strategy:

  • Lead, mentor, and manage the perimeter vulnerability management team to deliver consistent and effective vulnerability management processes.

  • Develop and execute a comprehensive vulnerability management strategy aligned with PB s goals, risk appetite, and industry best practices.

  • Define and refine vulnerability management workflows and processes, ensuring efficient, accurate, and timely identification, tracking, and remediation of vulnerabilities.

• Vulnerability Assessment and Prioritization:

  • Conduct regular vulnerability assessments and scans using automated tools (e.g., Nessus, Qualys, etc.) to identify vulnerabilities across networks, systems, applications, and third-party services.

  • Analyze and assess the severity of vulnerabilities, using industry frameworks (e.g., CVSS), and collaborate with other teams to prioritize remediation based on business impact, criticality, and exploitability.

  • Develop and maintain an accurate inventory of assets and vulnerabilities, ensuring that all vulnerabilities are tracked through to closure.

• Collaboration and Communication:

  • Work closely with IT, DevOps, network, application, and risk management teams to ensure coordinated and timely remediation efforts.

  • Provide regular reports and metrics on the vulnerability landscape, remediation progress, and risk status to senior leadership.

  • Serve as a subject matter expert on vulnerability management and provide guidance to teams on secure coding practices, patch management, and risk mitigation techniques.

• Remediation Oversight:

  • Track and ensure timely resolution of vulnerabilities in accordance with the PB s risk management framework.

  • Ensure vulnerabilities are addressed through appropriate remediation measures (e.g., patches, configuration changes, process improvements, etc.).

  • Support the development and implementation of security patches and updates, and monitor their effectiveness.

• Incident Response and Risk Mitigation:

  • Participate in incident response activities related to vulnerability exploitation and coordinate the identification of root causes and remediation efforts.

  • Assess emerging threats and vulnerabilities, keeping the team informed of critical updates (e.g., zero-day vulnerabilities, CVE announcements).

• Continuous Improvement:

  • Lead efforts to continuously improve vulnerability management processes, tools, and automation to increase efficiency, reduce manual effort, and enhance coverage.

  • Evaluate new vulnerability scanning tools, technologies, and practices to ensure that the PB s is leveraging the most effective and up-to-date solutions.

• Compliance and Reporting:

  • Ensure vulnerability management activities align with industry standards, regulations (e.g., NIST, CIS, ISO 27001), and internal policies.

  • Prepare and deliver regular security reports and presentations for stakeholders at various levels of the organization, including technical and non-technical audiences.

  • Support audit activities and assist in demonstrating compliance with vulnerability management controls.

About Pitney Bowes:

Pitney Bowes (NYSE:PBI) is a global shipping and mailing company that provides technology, logistics, and financial services to more than 90 percent of the Fortune 500. Small business, retail, enterprise, and government clients around the world rely on Pitney Bowes to remove the complexity of sending mail and parcels. For additional information visit Pitney Bowes at www.pitneybowes.com .

We will:

Provide the will: opportunity to grow and develop your career
Offer an inclusive environment that encourages diverse perspectives and ideas
Deliver challenging and unique opportunities to contribute to the success of a transforming organization
Offer comprehensive benefits globally ( P B Live Well )

Pitney Bowes is an equal opportunity employer that values diversity and inclusiveness in the workplace.

All interested individuals must apply online.