Career Opportunities: Lead Engineer, Information Security (IVM) - Remote (364917)

Logistics at full potential. 

At GXO, we’re constantly looking for talented individuals at all levels who can deliver the caliber of service our company requires. You know that a positive work environment creates happy employees, which boosts productivity and dedication. On our team, you’ll have the support to excel at work and the resources to build a career you can be proud of.

GXO Logistics is seeking a driven and experienced Lead Engineer for Information Security to join our global Cyber Security team. This pivotal role serves as the subject matter expert for GXO's infrastructure vulnerability management and remediation programs, operating within the Threat and Vulnerability Management team. The ideal candidate will be a self-motivated individual capable of taking ownership of the vulnerability management program within a large, complex organization. This position requires deep technical knowledge of infrastructure vulnerabilities, coupled with strong capabilities in complex data management, analytics, and reporting to provide clear and actionable insights. You will work closely with various technical teams to prioritize and drive the remediation of identified risks across GXO's diverse systems. Success in this role demands a holistic understanding of enterprise infrastructure, excellent collaboration skills, and a proactive approach to continuously enhancing GXO's security posture within a professional, respectful, and globally distributed team environment.

This is a fully remote role, however there are rare occasions where the team will meet up for collaborative sessions.  It is expected that the candidate had experience working remotely and will have a secure and professional space for performing their work.

Pay, benefits and more.

We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability.

What you’ll do on a typical day:

• Serve as the primary technical subject matter expert for the infrastructure vulnerability management and remediation program.
• Own, manage, and continuously improve the infrastructure vulnerability scanning tools, associated processes, and data integrity.
• Develop, automate, and maintain custom reporting and analytics dashboards tailored for both executive-level tracking and detailed technical guidance.
• Lead technical discussions and collaborate with stakeholders across the organization to prioritize and drive vulnerability remediation efforts.
• Stay current with the latest cybersecurity trends, threat intelligence, and newly disclosed vulnerabilities to ensure GXO remains protected against emerging threats.
• Bring an ownership mindset, proactively reviewing and enhancing current vulnerability management processes with a focus on accuracy, efficiency, and automation.
• Collaborate effectively with peers within the Information Security and Infrastructure teams, leveraging collective expertise to advance GXO's overall cybersecurity initiatives.

What you need to succeed at GXO:

At a minimum, you’ll need:

• Bachelor's degree, or equivalent related work or military experience
• 5+ years of direct experience focused on infrastructure vulnerability management within an enterprise-scale environment.
• Demonstrable understanding of core information security principles and practices related to threat and vulnerability management.
• Proven experience leading complex technical projects and initiatives across diverse teams within a large enterprise environment.
• Demonstrated ability to manage and manipulate large datasets to derive meaningful insights and drive data-informed decisions.
• Strong interpersonal, communication, and collaboration skills with the ability to build effective relationships and partner with technical and non-technical stakeholders globally.
• Demonstrated success in leading projects and managing responsibilities effectively with a high degree of autonomy in a remote setting.
• In-depth understanding of enterprise infrastructure systems and components, including Windows/Unix servers, networking devices (firewalls, routers, switches), cloud infrastructure (IaaS, PaaS, SaaS), and application stack components.
• Expertise in vulnerability management lifecycles, methodologies, and best practices.
• Proficiency with vulnerability scanning tools and platforms, including configuration, operation, troubleshooting, and data extraction.

It’d be great if you also have:

• Experience specifically with the Qualys vulnerability management platform.
• Proficiency in scripting and data manipulation using languages such as Python.
• Experience querying and managing data using SQL.

Experience developing reports and dashboards using business intelligence tools like Power BI.

We engineer faster, smarter, leaner supply chains.

GXO is a leading provider of cutting-edge supply chain solutions to the most successful companies in the world. We help our customers manage their goods most efficiently using our technology and services. Our greatest strength is our global team – energetic, innovative people of all experience levels and talents who make GXO a great place to work.

We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran or other protected status.

GXO adheres to CDC, OSHA and state and local requirements regarding COVID safety. All employees and visitors are expected to comply with GXO policies which are in place to safeguard our employees and customers.

All applicants who receive a conditional offer of employment may be required to take and pass a pre-employment drug test.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed. Review GXO's candidate privacy statement here.