Security Engineer - Exposure Management

About The Position

Requirements

• Minimum 5 years of experience in information security.
• Minimum 3 years of hands-on experience in enterprise vulnerability management, exposure management, or network security.
• Strong understanding of networking fundamentals including firewalls, ACLs, routing, load balancing, and externally exposed architectures.
• Strong understanding of DNS, web infrastructure, certificates, and DMZ environments.
• Understanding of infrastructure vulnerability assessment and discovery scanning concepts.
• Basic understanding of cloud-hosted and externally exposed services.
• Basic understanding of web applications and externally facing service risk.
• Strong experience correlating external data to internal systems and ownership across inconsistent datasets.
• Strong analytical and complex technical problem-solving skills.
• Ability to assess and communicate risk beyond tool-generated severity using context.
• Experience working with CMDB or similar systems for asset and ownership tracking.
• Ability to operate independently in a greenfield program environment.

Nice To Haves

• Experience integrating external exposure data into ServiceNow workflows for routing and tracking.
• Experience improving data quality, deduplication, and correlation across multiple data sources.
• Experience working with externally exposed enterprise environments and perimeter infrastructure.
• Experience automating data collection, normalization, or correlation using scripting or APIs.
• Sec+ required. Higher-level security or risk-related certifications preferred.

Responsibilities

• Build and operate the attack surface management capability, including processes, integrations, and workflows.
• Maintain visibility into externally exposed assets including domains, IPs, web applications, APIs, certificates, load balancers, and DMZ services.
• Correlate external findings to internal systems and ownership across complex, indirect relationships.
• Coordinate with threat intelligence, network, firewall, DNS, and load balancing teams to validate exposure and ownership.
• Develop and maintain integrations to support discovery, enrichment, and correlation of external assets.
• Drive routing accuracy by ensuring findings map to the correct owners and identifying ownership gaps.
• Identify and resolve data quality issues impacting visibility, coverage, and correlation.
• Integrate findings into ServiceNow workflows where applicable to support routing and tracking.
• Reduce manual effort by standardizing and automating repeatable processes.
• Analyze exposure and vulnerability data in context to determine actual risk beyond tool-based severity.
• Communicate complex technical risk clearly to non-technical stakeholders with actionable recommendations.
• Document processes, playbooks, and operational standards to sustain the capability.

Benefits

• Annual Incentive Program
• Medical/Pharmacy Plan
• Dental
• Vision
• Life Insurance
• Dependent Care Reimbursement Account
• Health Care Reimbursement Account
• Health Savings Account (HSA) (if enrolled in eligible health plan)
• Limited-Purpose FSA (if enrolled in eligible health plan and HSA)
• Transportation Reimbursement Account
• Short-term disability (STD)
• Long-term disability (LTD)
• Employee Assistance Program (EAP)
• Fitness Center Reimbursement (if enrolled in eligible health plan)
• Tuition reimbursement
• Transit programs
• Employee recognition program
• Pension
• 401(k) plan
• Paid time off (PTO)
• Holidays
• Volunteer Paid Time Off (VPTO)
• Parental Leave