Security Engineer – Threat & Vulnerability Management

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent work experience
• 3+ years of experience in information security in a hands-on role such as SOC analyst, security analyst, or similar
• Familiarity with EDR or endpoint security platforms; experience with CrowdStrike Falcon is a plus but not required
• Exposure to vulnerability scanning concepts and tools, even if not as a primary job function
• Basic understanding of SOAR or security automation concepts; direct platform experience is a plus but not required
• Working knowledge of common attack techniques, the MITRE ATT&CK framework, and alert triage decision-making
• Foundational understanding of cloud environments (AWS or Azure), networking, and operating systems
• Scripting or development aptitude (Python, Bash, or PowerShell) sufficient to support automation and workflow tasks
• Strong analytical and problem-solving skills with the ability to communicate findings clearly across technical and non-technical audiences

Nice To Haves

• Security certifications such as CompTIA Security+, CySA+, or equivalent
• Experience with a SOAR platform in any capacity, including alert workflow design or playbook development
• Hands-on experience with enterprise vulnerability scanners (Tenable, Qualys, Rapid7, or similar)
• Familiarity with SIEM platforms and basic query writing for alert investigation
• Knowledge of healthcare compliance requirements (HIPAA, HITRUST)
• Experience working across multiple environments or teams in a complex organization

Responsibilities

• Run and maintain vulnerability scans across cloud and on-premises environments using enterprise scanning tools
• Track vulnerabilities through the remediation lifecycle: triage, assignment, follow-up, and closure verification
• Help coordinate penetration testing engagements, including scheduling, scoping support, and tracking findings to remediation
• Assist with attack surface management activities including asset inventory maintenance and external exposure monitoring
• Produce vulnerability reports and metrics for security leadership and engineering stakeholders
• Work with infrastructure and cloud engineering teams to communicate and prioritize remediation
• Maintain documentation for exceptions, risk acceptances, and remediation SLA tracking
• Manage and triage CrowdStrike Falcon alerts, driving escalation and response coordination with the SOC
• Support and improve Red Canary SOAR automations, including updating playbooks and alert enrichment workflows
• Develop and tune detection use cases to improve alert fidelity and reduce false positives
• Document runbooks and escalation procedures for detections managed through this role
• Collaborate with SOC analysts to identify detection gaps and translate feedback into platform improvements
• Support threat hunting activities and security incident response as needed
• Help evaluate and onboard new log sources and detection data feeds to expand SOC coverage

Benefits

• Work from anywhere in the US!
• Top Medical/Dental/Vision offerings
• FSA/HSA
• Tuition reimbursement
• Competitive salary, 401(k) with company match
• Additional health and wellness benefits and perks
• Flexible and trusting environment where you’ll feel empowered to do your best work