Back to jobs

Vulnerability Management Engineer

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us.

The Team:

Our Global information security organization is responsible for security and trust. We think security-offensively and defensively. We continuously monitor our global security posture and are always adapting to the ever-changing threat landscape.

The Security Engineering team is tasked with building security into and breaking “all the things” at Celonis. Our builders are software security engineers and platform security engineers, and our breakers include red teamers as well as offensive and application security engineers. We also partner with our product and engineering teams for security by design practices and assist with triaging and remediating technical security issues.

 

The Role:

The Vulnerability Management Engineer will work within the Security Engineering team to enhance and ensure the continuous vulnerability lifecycle management within Celonis’ diverse environments. This role will work within a team of Vulnerability Management Engineers in the collection, monitoring, reporting, and impact assessment for vulnerability related data from partners, vendors, and internal intelligence sources. This individual will lead by building bridges and forming relationships with the technical teams within Celonis, to support strategies and controls for vulnerabilities within these environments. 

 

The work you’ll do:

  • Enhance the current Vulnerability Management strategy and process for Celonis
  • Act as a champion for vulnerability management and information security including broadening awareness and use of the team’s services, education of security best practices and integration with other business areas
  • Drive actionable metrics and reporting for operations and leadership transparency
  • Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness
  • Closely support and collaborate with Celonis’ Security Engineering and Trust teams
  • Serve as subject matter expert related to vulnerability management and secure configuration
  • Have the ability to understand and develop enterprise policy and technical standards with specific regard to vulnerability management and secure configuration
  • Be able to identify and assess the potential impact from vulnerabilities specific to Celonis’ environment, and determine and implement mitigating controls
  • Identify and lead the appropriate measures to manage/remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company
  • Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions
  • Providing mentorship, coaching, performance management and support to team members with regard to vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development
  • Oversight of onboard and offboard resources

 

The qualifications you need:

  • Experience in vulnerability management or related field such as penetration testing, SOC, or threat intelligence
  • Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations
  • Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
  • Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources
  • Excel at prioritizing work and other demands for self and team including making risk-based decisions about remediation recommendations
  • Ability to define, communicate and execute on a vision and strategy
  • Ability to effectively communicate with technical and non-technical resources
  • Self-directed, works with minimal guidance, and recognizes when guidance needed
  • Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing
  • Experience working in very large enterprise environment with diverse teams
  • Advanced experience with vulnerability scanning tools and other security testing tools
  • Understanding of attacker mindset, exploitation, and how vulnerabilities are leveraged

 

 

 

The base salary range below is for the role in the specified location, based on a Full Time Schedule.

Total compensation package will include base salary + bonus/commission + equity + benefits (health, dental, life, 401k, and paid time off). Please note that the base salary range is a guideline, and that the actual total compensation offer will be determined based on various factors, including, but not limited to, applicant's qualifications, skills, experiences, and location.

The base salary range below is for the role in Colorado, based on a Full Time Schedule.

$124,000 - $150,000 USD

What Celonis Can Offer You:

  • The unique opportunity to work with industry-leading process mining technology
  • Investment in your personal growth and skill development (clear career paths, internal mobility opportunities, L&D platform, mentorships, and more)
  • Great compensation and benefits packages (equity (restricted stock units), life insurance, time off, generous leave for new parents from day one, and more). For intern and working student benefits, click here.
  • Physical and mental well-being support (subsidized gym membership, access to counseling, virtual events on well-being topics, and more)
  • A global and growing team of Celonauts from diverse backgrounds to learn from and work with
  • An open-minded culture with innovative, autonomous teams
  • Business Resource Groups to help you feel connected, valued and seen (Black@Celonis, Women@Celonis, Parents@Celonis, Pride@Celonis, Resilience@Celonis, and more)
  • A clear set of company values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future

 

About Us:

Celonis helps some of the world’s largest and most esteemed brands make processes work for people, companies and the planet. With over 5,000 enterprise customer deployments across nearly every industry, the Celonis Process Intelligence Platform uses process mining and AI to give you a living digital twin of your business operation. It’s system-agnostic and without bias, and empowers companies to reduce waste, create value and benefit people across the top, bottom, and green lines. Since 2011, the Celonis platform has enabled its customers to identify more than $18 billion in value. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.

Get familiar with the Celonis Process Intelligence Platform by watching this video.

 

Equal Opportunity at Celonis:

Celonis is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment and equal opportunity in all aspects of employment. We will not tolerate any unlawful discrimination or harassment of any kind. We make all employment decisions without regard to race/ethnicity, color, sex, pregnancy, age, sexual orientation, gender identity or expression, transgender status, national origin, citizenship status, religion, physical or mental disability, veteran status, or any other factor protected by applicable anti-discrimination laws. As a US federal contractor, we are committed to the principles of affirmative action in accordance with applicable laws and regulations. Different makes us better

 

Your Privacy:

Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’ Accessibility and Candidate Notices

Please be aware of common job offer scams, impersonators and frauds. Learn more here.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


If so, please let us know who:

Select...
Select...
Select...
Select...

US Demographic Questions

At Celonis, we believe #TheBestTeamWins when everyone counts. We celebrate the differences and individuality of all our employees and understand the value of having a variety of experiences, backgrounds, knowledge bases, and perspectives at play in our teams.

We will now ask some voluntary questions that help us build an accurate picture of our applicant and workforce representation, comply with legal obligations where applicable, and advance our diversity, equity and inclusion efforts. In accordance with the Celonis Privacy Notice for the Application and Hiring Process, this information will be kept confidential, it will not be used to make hiring decisions and choosing not to answer will not affect your application in any way.

Select...
Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Celonis’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.