Youll move the world forward. Every day, we create the most innovative mapping and location technologies to shape tomorrows mobility for the better.
We are proud to be one team of more than 5,000 unique, curious, passionate problem-solvers spread across the world. We bring out the best in each other. And together, we help the automotive industry, businesses, developers, drivers, citizens and cities move towards a safe, autonomous world that is free of congestion and emissions.
What You’ll Do
Support identification of vulnerabilities by enhancing vulnerability identification at process and technology level.
Own, manage, and mature infrastructure vulnerability scanning process and tools and align with vulnerability identification KPIs.
Support identification, triaging, assignment and remediation of vulnerabilities ensuring that vulnerability management lifecycle is followed.
Timely respond to security threats by collaboration with other security teams and provide effective remediation solution complemented by compensatory controls.
Provide data driven insights into improvement opportunities for infrastructure vulnerability management process.
Prepare reports for technical teams, compliance deliverables and executive management highlighting current status of infrastructure from vulnerability management perspective.
Work with engineering teams for effective patch management by providing highly customised reports and vulnerability metrics.
Provide support for infrastructure penetration testing.
Drive the remediation process to ensure vulnerable assets are patched or remediated within agreed SLAs
Proactively research new methods, tools, and strategies to effectively identify vulnerabilities
What youll need
5+ years working in security
Advanced level of understanding regarding systems security at both technical and procedural level
Advanced level of understanding of infrastructure vulnerability scanning tools
Basic understanding of web application vulnerabilities and standards OWASP, SANS
Understanding (technical aspects of) penetration testing and results (including scoping and organising of pentests, use of vulnerability scanners, vulnerability management tools)
Good understanding of IT fundamentals across networking (such as DNS, SNMP, DHCP, IPSEC etc.), system, and application layers
Excellent interpersonal and communication skills in order to share knowledge and to communicate effectively with different stakeholders (IT and business partners)
Demonstrate a strong interest and understanding of general network security concepts.
Ability to communicate in an effective manner and interact with different levels of administration, technical and management with customers.
Ability to understand technical manuals, online technical documentation, software specifications, and systems software operations.
Excellent communication skills, good analytical and negotiation skills, and close attention to detail required.
Excellent leadership, interpersonal and motivation skills and a team player.
Ability to communicate complex technical information to non- technical audiences required.
Whats nice to have
Relevant industry certification
Experience working with distributed teams
Experience managing a bug bounty program
Meet your team
Were Information Security. We protect TomToms infrastructure, applications, employees and customers. We work alongside Enterprise IT, Commercial IT, Legal, Finance and HR to minimize risk and increase resilience across the business. We take an intelligence-driven approach, relying on innovative commercial and open-source solutions to proactively identify vulnerabilities and contain threats. On our team, youll help secure a safe, connected, autonomous world that is free of congestion and emissions.
We are self-starters who play well with others. Every day, we solve new problems with creativity, meet new people and learn rapidly at our offices around the world. We will invest in your growth and are committed to supporting you. In everything we do, were guided by six values We care, putting our heart into what we do; we build trust (you can count on us); we create driven to make a difference; we are confident, but dont boast; we keep it simple, since life is complex enough; and we have fun because lifes too short to be boring.
After you apply
Our recruitment team will work hard to give you a meaningful experience throughout the process, no matter the outcome. Your application will be screened closely and you can rest assured that all follow-up actions will be thorough, from assessments and interviews through your onboarding.
TomTom is an equal opportunity employer
We celebrate diversity, thrive on each others differences and are committed to creating an inclusive environment at our offices around the world. Naturally, we do not discriminate against any employee or job applicant because of race, religion, color, sexual orientation, gender, gender identity or expression, marital status, disability, national origin, genetics, or age.