Information Security Engineer – Vulnerability Management

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field, or an equivalent combination of education and relevant experience.
• At least six (6) or more years of progressive, relevant experience in IT and/or information security.
• Deep and broad experience in IT architecture, asset management, process development, patch management, and vulnerability management, including operating systems, cloud services, and information security.
• Strong technical knowledge of application security, operating system security, network security, and networking technologies.
• Proven experience with system, security, and network monitoring tools.
• Thorough understanding of current security principles, techniques, and protocols.
• Proven hands-on experience building, implementing, and maintaining secure IT systems and solutions.
• Experience working with patch management solutions such as Ivanti (formerly Avanti), SCCM, or equivalent platforms.
• Experience with vulnerability management tools such as Nessus, Rapid7, or equivalent solutions.
• Ability to effectively communicate information security risks, issues, and recommendations to technical and non-technical stakeholders.
• Ability to problem-solve
• Excellent interpersonal, verbal and written communication skills, including the ability to communicate effectively in a virtual environment (e.g., via phone, web/videoconference)
• Ability to concentrate on tasks, make decisions and work calmly and effectively in a high-pressure, deadline-orientated environment
• Demonstrated ability to use good judgment in taking initiative while asking for direction or clarification and consulting others, as appropriate
• Willingness to be flexible with time and adjust to a changing work environment
• Ability to build and maintain positive relationships, both internally and externally, while maintaining a client service orientation
• Ability to use sound judgment and discretion in dealing with highly confidential information
• Ability to take direction and accept supervision
• Demonstrated ability to work independently, organize and accurately prioritize work, be detail-oriented, understand when urgency is required and use good judgment in varied situations
• Ability to work effectively with co-workers in a team oriented collaborative environment

Nice To Haves

• Relevant education, specialized training, and/or professional certifications (e.g., CISSP) related to information security are preferred.

Responsibilities

• Performs ongoing vulnerability assessments and security configuration reviews across servers, workstations, networking infrastructure, Microsoft Azure, and Microsoft 365 environments.
• Executes day-to-day vulnerability management activities, including risk evaluation, prioritization, and remediation tracking.
• Administers and supports the full patch management lifecycle, including deployment coordination, troubleshooting, and issue resolution.
• Implements, monitors, and maintains CIS and Microsoft baseline security configuration standards to ensure alignment with security best practices.
• Maintains accurate asset inventories, with focused attention on external-facing assets and services.
• Monitors and manages security tools and consoles to ensure effective system performance and control effectiveness.
• Develops risk-based recommendations and provides regular metrics and reporting to support informed decision-making and program transparency.
• Collaborates with internal teams and managed security service providers to address vulnerabilities, resolve security issues, and strengthen overall security posture.
• Participates in security events as a member of the Security Incident Response Team
• Special projects and other duties as assigned

Benefits

• Flexible working environment for work-life success
• Opportunity to participate in firm-sponsored volunteer events
• Wellness programming with personalized content and activities
• Professional environment and the opportunity to work with experts at the top of their fields
• Variety of health plan options, as well as dental, vision and 401(k) plans
• Generous paid time off