Sr Vulnerability Management Engineer
About The Position
The Senior Vulnerability Management Engineer is a senior technical contributor responsible for operating, scaling, and maturing the enterprise vulnerability management program across infrastructure, cloud, and application environments. This role drives risk‑based prioritization, partners closely with engineering teams to remediate vulnerabilities, and supports audit and compliance requirements across regulated environments. The role combines deep hands‑on technical expertise with program ownership, automation, and stakeholder engagement. Joining a team of cybersecurity professionals motivated to secure Solventum's healthcare information systems and the personal health information of our clients and their patients.
Requirements
- Bachelor’s Degree or higher and 7+ years of vulnerability management experience
- Experience administering vulnerability management platforms (Qualys, Tenable or similar)
- Experienced in performing a leadership role working across multiple teams and disciplines
- Knowledgeable with AWS or Azure cloud environments
- Familiarity with best practice software security requirements in industry standard compliance programs (NIST, HITRUST, FedRAMP, etc.)
- Ability to obtain and maintain a Public Trust clearance
- Strong communication skills, ability to work independently or collaborate with application teams
- Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).
Nice To Haves
- Application Security Experience
Responsibilities
- Lead and operate enterprise vulnerability management platforms (e.g., Qualys, Tenable or equivalent)
- Ensure accurate, consistent, and scalable scanning coverage across on-prem and various cloud environments.
- Ensure accurate asset coverage, scanning integrity, and risk-based vulnerability prioritization.
- Analyze findings, validate exploitability, and provide clear, actionable remediation guidance to engineering teams.
- Drive continuous improvement of vulnerability SLAs, metrics, and reporting.
- Partner with application, platform, and cloud teams to validate that systems meet security and compliance requirements (e.g., NIST 800‑53, FedRAMP, StateRAMP, SOC, HIPAA).
- Design and implement automation and integrations to improve vulnerability intake, tracking, reporting, and operational efficiency.
- Develop and maintain documentation, runbooks, and operational processes to improve consistency, resiliency, and cross‑team support.
- Provide technical leadership and mentorship to junior engineers and contribute to reducing single‑point dependencies across security tooling and workflows.
- Produce executive‑level reporting and metrics that clearly communicate risk posture, trends, and remediation progress to leadership.
- Mentor junior engineers and help reduce single points of failure across security tooling and processes.
- Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.
Benefits
- Medical, Dental & Vision
- Health Savings Accounts
- Health Care & Dependent Care Flexible Spending Accounts
- Disability Benefits
- Life Insurance
- Voluntary Benefits
- Paid Absences
- Retirement Benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
