Sr. Vulnerability Management Engineer

About The Position

Requirements

• 8+ years of progressive experience in cybersecurity, with 5+ years specifically dedicated to enterprise-scale vulnerability management in complex, hybrid environments.
• Proven track record of developing, leading, and maturing a successful vulnerability management program with measurable improvements in risk reduction.
• Deep, hands-on expertise with leading vulnerability scanning platforms (Tenable, Qualys, etc.) and cloud security posture management (CSPM) tools (Wiz, Prisma Cloud, etc.).
• Expert understanding of the vulnerability lifecycle, risk assessment, and advanced prioritization techniques (CVSS, EPSS, CISA KEV).
• Proficiency in assessing vulnerabilities across diverse environments, including on-premise infrastructure, multi-cloud platforms (AWS, Azure, GCP), and container technologies (Docker, Kubernetes).
• Exceptional leadership and communication skills, with the ability to influence cross-functional teams and present complex technical concepts to both technical and executive audiences.

Nice To Haves

• Bachelor’s degree in a relevant field (Computer Science, Cybersecurity, etc.) or equivalent extensive experience.
• Experience with scripting languages (Python, PowerShell) to automate tasks and integrate tools.
• Knowledge of 'Security as Code' principles and experience integrating security into CI/CD pipelines.
• Familiarity with compliance frameworks (PCI DSS, HIPAA, SOX, NIST) and their impact on vulnerability management.
• Highly desirable certifications: CISSP, CISM, CRISC, GIAC, OSCP, or relevant cloud security certifications.

Responsibilities

• Develop and own the enterprise vulnerability management strategy, roadmap, policies, and standards, ensuring alignment with business objectives and regulatory requirements.
• Act as the definitive subject matter expert on vulnerability threats, exploitation techniques, and mitigation strategies, providing thought leadership to the organization.
• Define the organization's risk appetite in collaboration with executive leadership, ensuring the program operates effectively within established risk tolerance levels.
• Mentor and guide junior engineers and analysts, serving as the technical escalation point for complex vulnerability issues.
• Lead the end-to-end vulnerability management lifecycle: from asset discovery, scanning, and analysis to reporting and remediation tracking across all on-premise, cloud (IaaS, PaaS, SaaS), and containerized environments.
• Architect, manage, and optimize our suite of vulnerability management tools (e.g., Tenable, Qualys, Rapid7, Wiz, Prisma Cloud) to ensure comprehensive coverage and efficiency.
• Drive automation and continuous improvement within the program to streamline processes and enhance capabilities.
• Partner with IT and engineering teams to maintain a comprehensive and accurate asset inventory, a critical foundation for program success.
• Build strong partnerships with Engineering, IT, DevOps, and Application Development teams to drive the timely remediation of vulnerabilities and ensure adherence to SLAs.
• Develop and maintain robust metrics, KPIs, and KRIs to measure program effectiveness and communicate our security posture to technical teams and executive leadership.
• Design and deliver clear, actionable dashboards and reports that translate complex technical data into business-relevant risk insights.
• Champion 'shift-left' principles by working with DevSecOps teams to integrate security into the Software Development Lifecycle (SDLC).

Benefits

• Medical/Dental/Vision Insurance
• Life Insurance
• Disability Insurance
• 401k Plan + Company Match
• Stock Purchase Plan
• Paid Vacations/Holidays
• Paid Baby Bonding Leave
• Employee Discounts
• PowerU - 100% Funded Education Programs
• Employee Donation Matching
• Volunteer Hour Rewards