Share this Job

Senior Network Security Engineer, Information Security

Date: Apr 29, 2021

Location: Chicago, IL, US, 60601

Company: XPO Logistics

Logistics done differently.

AT XPO Logistics, we believe that state-of-the-art technology drives our success. As a Senior Engineer, Information Security, you be the technical security resource for our Threat and Vulnerability Management team and one of the core team members of the growing InfoSec function. The role will focus on testing the security of business applications using automated tools and manual methods. The role will also be responsible for detecting and monitoring vulnerabilities across the organization and driving the program to mitigate them. On our team, you’ll have the support to excel at work, and the resources to build a career you can be proud of.

 

Pay, benefits and more.

We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability and the opportunity to participate in a company incentive plan.

 

What you’ll do on a typical day:

  • Represent the Global Information Security team and collaborate with technical leads, developers, DevOps engineers, project managers, third party vendors and business unit stakeholders
  • Work with application teams to ensure that security controls are followed across the SDLC
  • Guide and perform security activities including risk assessments, vulnerability scans, manual testing/verification of findings, and review of findings with application teams
  • Testing and analysis, code review, static and dynamic (including mobile) application testing, and manual assessment of applications
  • Consume and prioritize automated scan results; provide remediation guidance and help reduce overall risk to the organization’s applications
  • Review third party assessment results, assist teams to ensure that results are understood and plans for remediation are put in place and followed

What you need to succeed at XPO:

At a minimum, you’ll need:

  • Bachelor’s degree (or equivalent) in relevant field
  • Minimum 2 years in similar roles

It’d be great if you also have:

  • Experience with scripting/automation
  • Ability to read and write Python (experience with Pandas library a plus)
  • Experience working with databases, understanding and writing queries
  • Strong knowledge of OWASP and familiarity with web application vulnerabilities and how to remediate them
  • Working knowledge of a variety of programming languages with emphasis on C#, Java, JS, .NET, Angular, and HTML
  • Knowledge of and experience with commercial and open source security testing tools (e.g. Checkmarx, Veracode, AppScan, AppSpider, NowSecure, Burp Suite, OWASP Zap, Arachni, Nikto, BlackDuck, Nmap, Kali Linux, Metasploit framework, Wireshark, etc.)
  • Understanding and experience in securing cloud applications / infrastructure
  • Proficiency in Microsoft Office and Windows OS, and familiarity with Linux systems

Be part of something big.

 

 

XPO is a leading provider of cutting-edge supply chain solutions to the most successful companies in the world. We help our customers manage their goods most efficiently using our technology and services. Our greatest strength is our global team – energetic, innovative people of all experience levels and talents who make XPO a great place to work.

 

We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran or other protected status.

 

XPO adheres to CDC, OSHA and state and local requirements regarding COVID safety. All employees and visitors are expected to comply with XPO policies which are in place to safeguard our employees and customers.

 

All applicants who receive a conditional offer of employment may be required to take and pass a pre-employment drug test.

 

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.


Nearest Major Market: Chicago

Job Segment: Network, Information Security, Network Security, Developer, Security, Technology