RingCentral is a leader in the UCaaS segment providing cloud-based communications of any kind: cloud PBX, cloud call center, cloud video & events, messaging, analytics and flexible billing services. Currently we are looking for a Global Vulnerability Program Manager to fit in our Security Operations division and improve our security grip and security posture in all provided services to the customer.
As a Vulnerability Engineer, you are responsible for the technical "heavy lifting" of our global vulnerability management ecosystem. You will ensure our scanning infrastructure (Qualys, Twistlock, Nuclei) is performing optimally across thousands of micro-services. This is a hands-on role that blends security research (exploitability analysis) with data engineering (BigQuery/Splunk) and direct technical support for our 200+ engineering teams.
Key responsibilities
Scanner Operations & Maintenance: Act as the primary technical owner for Qualys (Infra), Twistlock (Containers), and Nuclei (Templates). You will monitor scan jobs, resolve authentication/connectivity issues, and ensure full inventory coverage.
Exploitability Analysis: Go beyond the CVSS score. You will manually analyze critical vulnerabilities to determine if they are truly exploitable in our specific environment, helping teams prioritize what actually matters.
Data Engineering & Automation: Work with BigQuery, Splunk, and Looker to clean, analyze, and visualize vulnerability data. You will help tune the pipelines that move data from scanners to Jira.
Jira & Team Support: Act as the first point of contact for developers and SRE engineers. You will help them understand their Jira tickets, explain remediation steps, and validate when a fix has been successfully implemented.
On-Call & Troubleshooting: Participate in an on-call rotation to resolve urgent scan failures or inventory discrepancies to ensure our security visibility never drops.
Documentation: Maintain technical "How-To" guides and troubleshooting playbooks in Confluence in both English and Russian to support our diverse engineering workforce. Create ad-hoc reports for Vulnerability Manager or Compliance teams
Required skills and qualifications
Experience: 3+ years in Cybersecurity, with at least 1 year in a leadership or program management role focused on Vulnerability Management (would be a plus).
Hands-on experience configuring and troubleshooting Qualys and Twistlock/Prisma Cloud.
Experience running and tuning Nuclei templates.
Solid understanding of the Linux/Unix/Windows command line, networking and OS configuration.
Ability to write SQL queries (BigQuery) and use Splunk for log analysis.
Experience with Python or Bash for basic automation tasks is a strong plus.
What we offer:
Well-coordinated professional team
Cutting edge technologies, interesting and challenging tasks, dynamic project, great opportunities for self-realization, professional and career growth
Additional Health and Life Insurance Package
Employee Assistance Program
25 vacation days
This role requires on-site presence at our office 4 days a week to support effective collaboration and teamwork.
