Senior Vulnerability Management Engineer

Group 1001
$190,000 - $230,000Remote

About The Position

As a Senior Vulnerability Management Engineer at Group 1001, you are equal parts security practitioner and infrastructure engineer. You will combine your deep vulnerability expertise with systems engineering prowess to identify, prioritize, and drive remediation of risks across cloud, on-prem, applications, and OT/embedded systems. You will be responsible for shaping the Vulnerability Management function into a system optimized with significant automation. Your goal is to discover, contextualize, and mitigate the increasingly rapid volume, velocity, and nature of vulnerability exploitation in a post-AI world. This role exists to deliver this goal by using systems for discovery, assessment, contextual prioritization, and assignment to the responsible technology owners. Where human effort is required, your expertise helps navigate the edge cases, framework tuning, and hardening the pipeline.

Requirements

  • Bachelor's degree in Computer Science, Information Security, or related academic field or equivalent experience.
  • 5-7 years of professional experience in information security, with focus on the financial sector.
  • Hands-on experience deploying, configuring, and managing vulnerability scanning solutions at enterprise scale, including policy design, tuning for noise reduction, and managing performance impact (e.g. Tenable, Microsoft Defender, Wiz, Tanium.)
  • Hands-on experience engineering, integrating, and optimizing for automation of security platforms (e.g. Swimlane, Elastic).
  • Strong knowledge of public cloud platforms (e.g., AWS, Azure, GCP) from an infrastructure and development aspect and their related security features.
  • Familiarity with DevSecOps practices and CI/CD pipelines.
  • Understanding of industry security frameworks, standards, and best practices (e.g., NIST, ISO, CIS).
  • Proficiency in one or more software programming languages (e.g. Python, Golang, JavaScript), particularly for automation of security platform operations, health monitoring, and integration tasks.
  • Strong communication and collaboration skills, with the ability to work closely with engineering, operations and infrastructure teams.
  • Familiarity with compliance standards and regulations.
  • Creativity and critical thinking with the ability to work both independently and collaboratively in a fast-paced environment.
  • Be able to serve as a mentor or subject matter expert to other members within the organization, particularly in the areas of vulnerability management and systems engineering.

Responsibilities

  • Own the end-to-end vulnerability management pipeline: asset discovery > scanning > enrichment > prioritization > assignment > verification > closure.
  • Build, codify, and iterate a data-driven prioritization framework (blending CVSS, EPSS, KEV, exploit availability, asset criticality, exposure/reachability, compensating controls, and business context).
  • Automate the full workflow via SOAR playbooks, webhooks, REST/GraphQL APIs, message queues, and custom scripts where needed.
  • Develop and improve KPIs, metrics, and trending for vulnerability management functions, and bring leadership attention to root-cause issues driving systemic vulnerability risk.
  • Integrate scanners, CMDB/asset inventory, EDR, cloud providers (AWS/Azure/GCP), and others into a single pipeline for management.
  • Continuously reduce noise: dedupe, suppress known-benign, correlate related findings, and auto-close on evidence of remediation.
  • Evaluate and integrate AI/LLM tooling for triage, false-positive suppression, remediation guidance, and vulnerability research — with appropriate guardrails.
  • Lead technical response for emergency patch cycles on various technical platforms.

Benefits

  • Comprehensive health, dental, and vision insurance plan options
  • Basic and Supplemental Life Insurance
  • Short and Long-Term Disability
  • Employee Assistance Program
  • Wellness programs
  • 401K plan, with matching contributions by the Company
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service