Security Engineer II - Threat and Vulnerability

About The Position

Requirements

• Advanced understanding of security control environment such as access control, logging, authentication, encryption, integrity, etc.
• Demonstrated experience managing vulnerabilities in both on-premises and cloud environments.
• Experience coordinating corporate-wide initiatives for obtaining security-related assurances.
• Familiarity with federal and state legal and regulatory requirements related to information security.
• Understand the advanced tenets of security risk management and defense-in-depth practices.
• The ability to combine pieces of information to form general rules or conclusions.
• Minimum Required: 2+ years' of experience in cybersecurity or IT with exposure to vulnerability management, configuration management, or cloud security.
• Strong understanding of analyzing and incorporating threat intelligence.
• Experience with ticketing systems, office productivity, reporting, and technical documentation software.
• Exposure to systems monitoring tools and logging tools
• Proficient in Microsoft Excel, Word, PowerPoint, and Outlook.
• Proficient with programming or scripting languages like Python, PowerShell, Bash, etc., for automation and tool integration.
• Proficient with numerous versions of Microsoft Windows, Linux, Mac, and Web Browsers.
• Hands-on experience with vulnerability management tools such as Tenable, Qualys, Rapid7.
• Familiar with cloud security frameworks and CSPM solutions like Prisma Cloud, Microsoft Defender for Cloud, and Wiz.

Nice To Haves

• Preferred: Bachelor's degree in Cybersecurity, Information Security, Computer Science, Management Information Systems, or equivalent work experience.
• Preferred: Experience developing automation or integrations via APIs or scripting.
• Preferred credentials: CompTIA Security+, CompTIA PenTest+, AWS, Azure, GCP, or equivalent cloud certification.

Responsibilities

• Research, analyze, and evaluate emerging threats, vulnerabilities, and exploits across on-premises and cloud environments.
• Monitor and correlate threat intelligence feeds to identify relevant tactics, techniques, and procedures (TTPs).
• Apply frameworks such as MITRE ATT&CK, OWASP, and CVSS to assess severity, exploitability, and business impact.
• Identify, assess, and manage vulnerabilities across cloud platforms such as AWS, Azure, or GCP, including misconfigurations and exposed services.
• Utilize CSPM and CWPP tools like Prisma Cloud, Defender for Cloud, and Wiz to detect, track, and report vulnerabilities.
• Collaborate with cloud, DevOps, and IT teams to remediate vulnerabilities and integrate security controls into infrastructure and pipelines.
• Implement and maintain secure configuration standards across servers, endpoints, databases, network devices, and cloud resources.
• Perform regular configuration audits and compliance checks using frameworks such as CIS Benchmarks, NIST 800-53, and DISA STIGs.
• Develop and maintain automation scripts or integrations with Python, PowerShell, Bash, JavaScript to streamline scanning, reporting, and data correlation.
• Integrate vulnerability management tools with SIEM, SOAR, and ticketing systems via APIs to improve workflow efficiency.
• Create dashboards and data visualizations to enhance threat visibility and remediation tracking.
• Track and verify remediation progress, ensuring alignment with defined SLAs, risk priorities, and compliance requirements.
• Communicate technical findings, risks, and remediation guidance clearly to both technical and non-technical stakeholders.

Benefits

• comprehensive benefits package to include health, dental and vision care
• 401k
• wellness initiatives
• life insurance
• paid time off