Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract.
As a company, we constantly challenge what’s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations.
Rivian is looking for an experienced Attack Surface Lead to join our Enterprise Cybersecurity team. This position will be responsible for leading and coordinating penetration testing efforts to test, validate and improve Rivian applications and environments. This position will also be responsible for coordinating with the third-party vendors and creating metrics to demonstrate application’s security maturity. This role combines strategic planning to raise the bar on security across Rivian environments to quickly react to new threat scenarios.
Responsible for supporting the multitude of ongoing technical projects within, including:
- Establishing a penetration testing strategy across the environments.
- Setup scoping guidelines and work with technical teams to prepare for testing activities.
- Coordinate with third-party vendors for Security assessments.
- Prioritize, communicate, and track the security issues with the stakeholders.
- Develop and execute strategy to protect Rivian applications from external threats.
- Assist in developing methodologies for continuous enhancement to penetration testing methods and processes.
- Research and maintains proficiency in penetration testing tools, mitigation plans and vulnerability trends.
- Analyze data to identify the trends, make recommendations and provide detailed reports to the stakeholders.
- Maintain a professional working relationship with the other departments through clear communication.
- 5 + year(s) of penetration testing experience (Mobile, Web applications, Infrastructure)
- Good understanding of security engineering and application security.
- Experience with vulnerability assessments and penetration testing tools.
- Knowledge and skills to identify the vulnerabilities and to exploit them.
- Ability to understand, analyze and correlate security vulnerabilities and support on implementing countermeasures.
- Ability to create reports and presentations on vulnerability assessments and penetration testing.
- Ability to develop and maintain process to enhance organizational effectiveness.
- Prior risk assessment experience with applications.
- Ability to work collaboratively with cross functional teams.
- Continual review and education on emerging trends and threats to enhance tooling and processes
- Strong interpersonal skills. Ability to work effectively in a team-oriented environment.
- Strong technical communication skills (written and verbal)
- Loves what s/he does
Rivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.
Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at firstname.lastname@example.org.
We take your privacy seriously. For details please see our Candidate Privacy Notice.
Please note that we are currently not accepting applications from third party application services.