Staff Engineer II, Cyber – Threat and Vulnerability Management

About The Position

Requirements

• 6+ years of related experience in cybersecurity or security engineering experience or similar field.
• Bachelor's degree in related field required.
• Advanced to expert experience with and knowledge of Vulnerability Management Systems, DAST Scanning, SAST, and SCA.
• Advanced to expert knowledge of patch management systems.
• Advanced knowledge of NIST, MITRE and Administration of an IT Automation platform.
• Advanced Linux experience.
• Advanced automation skills (Python, PowerShell, Bash).
• Experience in regulated or highly controlled environments.
• Advanced speaking and writing communication skills.

Nice To Haves

• Previous leadership experience preferred.
• Advanced knowledge of general Financial Services or Banking is preferred.
• Hands-on ServiceNow Vulnerability Response experience preferred.
• Risk-based vulnerability scoring expertise preferred.

Responsibilities

• Help engineer, operationalize, and continuously mature a scalable, risk-based Threat & Vulnerability Management (TVM) program across hybrid environments, including on-premises infrastructure, cloud platforms, containerized workloads, and CI/CD pipelines.
• Collaborate with internal business partners and IT Tower Leads to proactively address ongoing vulnerability and configuration hardening issues to ensure rapid resolution.
• Foster a collaborative environment with focus on continuous mitigation and mitigation of cyber vulnerabilities.
• Proactively recommend improvements to established processes while continuing to deliver high value in execution.
• Create and deliver comprehensive project plans.
• Remove any impediments, track overall project performance, specifically to analyze the successful completion of business short-term and long-term goals.
• Serve as a hands-on technical leader responsible for building, integrating, and automating vulnerability discovery, prioritization, remediation workflows, and security guardrails.
• Partner closely with Cyber Defense, Cloud Engineering, Infrastructure, DevOps, Application, and Platform teams to reduce enterprise risk through measurable, engineering-led outcomes while operating within established governance and risk frameworks.
• Assist in the strategic direction and execution of the TVM program, covering cloud, infrastructure, application, container, and endpoint environments.
• Review and enforce CIS security baseline compliance across enterprise assets, including cloud workloads, servers, and endpoints.
• Integrate automated scanning and security controls into DevSecOps pipelines to detect and remediate vulnerabilities early in the development lifecycle.
• Work cross-functionally with Cloud Engineering, DevOps, Infrastructure, and IT to prioritize and remediate vulnerabilities based on business risk, exploitability, and regulatory requirements.
• Support the use and optimization of enterprise vulnerability scanning and compliance tools.
• Monitor emerging threats, zero-day vulnerabilities, and misconfigurations, and lead remediation and communication efforts accordingly.
• Produce reporting and metrics that provide visibility into vulnerability trends, patch compliance, and CIS benchmark adherence for technical and executive audiences.
• Contribute to cloud security governance, including the design and enforcement of security guardrails, Infrastructure-as-code (IaC) reviews, and automated compliance checks.
• Ensure alignment with regulatory standards (e.g., FFIEC, GLBA, PCI-DSS, NIST 800-53, ISO 27001) and drive continuous improvement in control effectiveness.
• Support a team of security analysts and engineers focused on vulnerability detection, analysis, and risk mitigation.

Benefits

• Competitive salaries
• An ownership stake in the company
• Medical and dental insurance
• Time off
• A great 401k matching program
• Tuition assistance program
• An employee volunteer program
• A wellness program
• Opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!