Senior Vulnerability Management Engineer

About The Position

Requirements

• 7+ years of progressive experience in Information Security, with at least 3 years dedicated to a senior/lead role in Vulnerability Management.
• High-level proficiency in scripting for developing security automation, API integration, data manipulation, and building custom security and reporting tools.
• Deep, hands-on experience securing large-scale cloud environments and traditional on-premises enterprise systems.
• Expertise in administering and tuning enterprise-grade vulnerability scanning solutions (e.g., Tenable.io/Nessus, Qualys, Rapid7 Nexpose) across both cloud and on-premises assets.
• Thorough understanding of vulnerability scoring standards (CVSS v3+) and the methodologies used to prioritize risks based on business context and threat intelligence.
• Experience with CI/CD pipeline security, DevSecOps practices, and integrating security testing into the development lifecycle.

Nice To Haves

• Experience with advanced data analytics platforms (e.g., ELK Stack) for security data visualization and correlation.
• Direct experience with container and orchestration security scanning (e.g., Docker, Kubernetes).
• Experience in developing solutions leveraging configuration management tools (e.g., Terraform, Ansible, Chef).

Responsibilities

• Lead the Vulnerability Management Program: Strategically design, implement, and continuously mature the vulnerability scanning and management program across the enterprise, including on-premises infrastructure (servers, network devices), applications, containers, and complex cloud environments.
• Automation and Engineering: Architect, develop, and maintain robust automation pipelines to integrate vulnerability scanners with cloud APIs, asset inventory, and orchestration tools, significantly reducing manual efforts and improving data accuracy.
• Cloud and Infrastructure Security Expertise: Serve as a subject matter expert for identifying, assessing, and remediating vulnerabilities specific to both cloud and on-premises services and configurations.
• Risk Analysis and Prioritization: Continuously refine the risk-based prioritization methodology, ensuring the highest severity and most exploitable vulnerabilities are addressed first, collaborating closely with development and infrastructure teams.
• Tool Management: Evaluate, deploy, configure, and maintain advanced vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7), ensuring optimal coverage, accuracy, and integration across the hybrid environment.
• Mentorship and Documentation: Mentor junior team members, develop detailed technical documentation, and define best practices for vulnerability identification, reporting, and remediation.
• Reporting and Metrics: Define, track, and present advanced security metrics (KPIs/KRIs) and management-level reports on the overall vulnerability posture, remediation trends, and program effectiveness.
• Process Improvement: Drive measurable improvements in the mean time to detect (MTTD) and mean time to remediate (MTTR) vulnerabilities.

Benefits

• salary
• Amazon Restricted Stock Units (RSUs)
• Zoox Stock Appreciation Rights
• sign-on bonus
• paid time off (e.g. sick leave, vacation, bereavement)
• unpaid time off
• Zoox Stock Appreciation Rights
• Amazon RSUs
• health insurance
• long-term care insurance
• long-term and short-term disability insurance
• life insurance