Apply now »

Engineer, Attack Surface Management

Attack Surface Management Engineer


Position Summary:

The Attack Surface Management Engineer is responsible for the deployment, configuration, and management of attack surface management tools and delivery of related services.

The role of Attack Surface Management Engineer is to identify and analyze the attack surface of Royal Caribbean information systems, identify security problems, and drive remediation.

This role will be responsible for identifying misconfigurations and failure to comply with security baselines/policies. Although not primarily responsible for Application Security or Attack surface management, the Attack Surface Management Engineer will also work closely with those teams to ensure that their efforts are informed by an accurate inventory of our entire attack surface.


Essential Duties and Responsibilities:

  • Conduct attack surface discovery of both on-premise and Cloud infrastructure using multiple tools, including NMAP, WHOIS, Shodan, and others.
  • Identify unknown services and configuration issues found during discovery.
  • Identify system owners and work toward timely remediation of identified issues.
  • Recommend security controls and corrective actions to mitigate technical and business risk
  • Develop and evolve security configuration baselines to comply with CIS Benchmarks, PCI, GDPR, and similar requirements.
  • Deploy and manage tools that detect variation from secure configuration requirements, especially CSPM.


Qualifications, Knowledge, and Skills:

  • 4+ years of information technology experience, including 2+ years of specialization in attack surface management (such as attack surface discovery or secure configuration baselining).
  • Bachelor’s Degree in information security or equivalent. Advanced degree preferred.
  • Experience with attack surface discovery tools (e.g. Shodan, RiskIQ, Censys, etc.).
  • Experience with cloud security posture management tools (e.g. Prisma, Orca Security, ZScaler CSPM, etc.).
  • Expert knowledge of securing Active Directory, Azure AD, and cloud environments.
  • Certifications related to secure configurations in Microsoft, Azure, AWS, and similar preferred


This position is based in Manila, Philippines. Up to 30% travel including other countries may be required


Apply now »