Sr Cybersecurity Engineer

About The Position

Requirements

• Deep understanding of vulnerability management processes, CVSS scoring, and remediation strategies.
• Hands-on experience with Qualys VMDR, including asset discovery, authenticated scanning, vulnerability assessment, and reporting.
• Strong knowledge of vulnerability lifecycle management
• Ability to interpret Qualys findings and translate technical vulnerabilities into actionable remediation guidance for technical and non-technical stakeholders.
• Familiarity with container security, Kubernetes, and cloud-native application security.
• Experience securing cloud environments (AWS, Azure, GCP) and implementing IaC security controls (Terraform, CloudFormation).
• Proficiency in scripting and automation (Python, Bash, or similar) for vulnerability scanning and remediation workflows.
• Solid understanding of networking fundamentals, TCP/IP, OSI model, and application layer protocols (HTTP, SSL/TLS, DNS).
• Knowledge of security frameworks and standards (NIST CSF, ISO 27001, OWASP Top 10).
• Strong analytical skills for interpreting vulnerability data and assessing business impact.
• Excellent communication skills for collaborating with developers, operations teams, and leadership.
• Ability to think strategically, innovate, and implement scalable security solutions.
• Experience Bachelor’s Degree in related field or equivalent work experience strongly preferred
• High School Diploma or equivalent required
• 3-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
• 3-5 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
• Cybersecurity related certifications strongly preferred

Nice To Haves

• Experience with CI/CD security integration and automated vulnerability scanning.
• Familiarity with microservices architecture and securing APIs.
• Knowledge of threat modeling and risk assessment methodologies.

Responsibilities

• Develop and maintain technical security requirements, standards, and documentation for vulnerability management and application security.
• Design and implement security solutions with emphasis on:
• Vulnerability Management (VM) platforms and processes
• Application Security tools (SAST, DAST, IAST)
• Web Application Firewalls (WAF)
• Secure coding practices and CI/CD pipeline integration
• Perform vulnerability assessments and penetration testing for applications and systems; analyze findings and drive remediation efforts.
• Utilize Qualys VMDR to perform automated and on-demand vulnerability scans across infrastructure, applications, and cloud environments
• Analyze scan results, assess risk, and collaborate with system owners to prioritize and remediate vulnerabilities
• Monitor and analyze system logs and security alerts to detect unauthorized access or anomalies.
• Create and present remediation progress, security metrics, vulnerability trends, and risk reports to leadership.
• Participate in incident response activities, providing technical expertise for application-related security incidents.
• Conduct periodic risk assessments for applications and supporting infrastructure.
• Evaluate and recommend security tools and technologies to enhance vulnerability detection and remediation capabilities.
• Stay current on emerging threats, vulnerabilities, and regulatory requirements impacting application security.

Benefits

• Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.
• Competitive pay and bonus eligibility.
• Flexible hybrid work environment, 2 days a week in the office.