Staff Security Engineer | Security Configuration Management

About The Position

Requirements

• Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.
• 8+ Years Experience managing configuration compliance or vulnerability scanning tools (e.g., Tenable, Wiz, Qualys, OpenSCAP, Trivy) or a Bachelor's degree in Computer Science, Engineering, or equivalent professional experience.
• Strong knowledge of Linux/Unix and/or Mac/Windows operating systems and secure hardening principles.
• Programming or scripting proficiency (Python, PowerShell, Java, C, or similar) to automate workflows and analyze data.
• Hands-on experience with AWS, Azure, and/or Google Cloud environments.
• Experience with container platforms (Docker, Kubernetes, OpenShift) and related configuration/security considerations.
• Familiarity with CIS Benchmarks, STIGs, PCI, NIST, or other security configuration frameworks.
• Understanding of infrastructure vulnerabilities, risk assessment methods, and remediation priorities.
• Fundamental understanding of systems and network engineering, including operating system configuration and network communication (OSI model).
• Strong foundation in AI concepts, including how to use, integrate, and automate workflows with AI agents, and awareness of how AI can accelerate configuration management.
• Experience collaborating in distributed/remote environments with cross-functional technical teams globally.
• Ability to articulate complex technical issues to both engineers and executive stakeholders.
• Strong analytical and problem-solving approach; able to think both technically and strategically.
• Effective written and verbal communication skills and ability to build trust with diverse partners.
• Comfortable working with evolving requirements and adapting to change.
• Minimum of 5 years of experience performing Vulnerability and/or Security Configuration Management
• Understanding and experience with Federal, PCI Compliance and Security Frameworks

Nice To Haves

• Familiarity with the ServiceNow Platform, especially SecOps Configuration Compliance, is a plus.
• Proficiency working in an Agile environment, including sprint planning, backlog refinement, and delivery tracking, including experience in Agile roles (Scrum Master, Product Owner) or facilitating team ceremonies are a plus.
• Experience developing or maintaining Power BI dashboards or reports, including data modeling and visualization best practices are a plus.
• Security certifications (e.g., CISSP, GSEC, Security+, CCSP) are a plus.

Responsibilities

• Lead the implementation and improvement of secure configuration baselines across multiple environments and technologies, including containerized workloads and Kubernetes.
• Integrate and optimize scanning tools (e.g., Tenable, Wiz, Trivy) and support evaluation of emerging technologies.
• Enhance and operate ServiceNow's SecOps Configuration Compliance workflows, reporting, and data quality.
• Develop and refine risk-based prioritization and remediation models.
• Partner with product, platform, compliance, and security engineering teams to drive practical remediation and influence roadmap improvements.
• Support the strategic vision for AI-assisted configuration management, automation, and policy-driven remediation.