▷ [Urgente] Vulnerability & PKI Management...

Our vision at Petco is Healthier Pets. Happier People. Better World. We’re making things better for pets, people, and the planet through our Think Adoption First philosophy, the Petco Foundation, and other important initiatives that focus on putting animals first, educating pet parents, and reducing our carbon footprint. The journey starts with knowledgeable, passionately engaged associates who are proud to recommend Petco as a place to work, who believe in our Vision and who are committed to delivering a superior customer experience.

From our retail stores and our network of Distribution Centers to our Corporate offices, you'll work with others who share your values and commitment. We seek individuals who are passionate about animal welfare, have great people skills and are driven to grow and advance in their careers with us. Our ongoing growth is creating exceptional opportunities for professional development and personal enrichment throughout our organization.

Role Overview

We are looking for a hands-on Security Engineer to lead Vulnerability Management and PKI operations within the Information Security Operations team. This role will own vulnerability scanning across our data center, endpoint, and cloud VM environments and drive remediation through partnerships with infrastructure teams. In addition, the role will oversee the lifecycle of public-facing SSL / TLS certificates and contribute to automation and process maturity around PKI.

The ideal candidate brings experience managing Tenable or similar platforms, understands patching cycles across hybrid infrastructure, and is well-versed in certificate management using tools like Sectigo or DigiCert. A working understanding of internal CA / PKI principles is a plus.

Responsibilities

Vulnerability Management

• Own day-to-day operation of the Tenable platform : scan schedule, tagging, health checks, credential management and reporting.
• Drive remediation of vulnerabilities by partnering with infrastructure teams.
• Supports the end-to-end vulnerability process, including reporting of vulnerabilities and escalation of critical vulnerabilities.
• Document security guidance, process and policy around the vulnerability management program.
• Coordinate monthly patch guidance and vulnerability meetings for on-prem and cloud teams.
• Maintain scan health and results from vulnerability management platforms.
• Oversee ASV (Approved Scanning Vendor) scans for PCI compliance :
• Conduct network and web application scans.
• Validate and submit quarterly ASV reports, including dispute documentation for false positives or out-of-scope findings.
• Manage remediation and tracking for EOL (End-of-Life) systems across on-prem and cloud environments.

PKI & Certificate Management

o Oversee certificate lifecycle, including expiration review, issuance, renewals, and support requests.

o Automate certificate management processes where possible.

Qualifications

Preferred Skills