Principal Security Engineer - Vulnerability Management
About The Position
The Principal Security Engineer - Vulnerability Management will lead the organizationâs vulnerability management initiatives, ensuring robust security across cloud, network, and infrastructure environments. This role is central to identifying, assessing, and remediating security risks while collaborating closely with engineering, platform, and development teams. The ideal candidate will design and implement scalable VM programs, automate workflows, and provide guidance on cloud security and containerized environments. You will influence security strategy, drive proactive risk mitigation, and mentor junior engineers in a fast-paced, collaborative environment. This position offers the opportunity to combine technical expertise, automation, and strategic insight to protect systems and data while enabling business innovation. The role requires both independent initiative and strong collaboration skills to deliver actionable, high-impact security outcomes.
Requirements
- 6+ years of experience in security, preferably in vulnerability management or related fields, including containerized and cloud environments
- Strong expertise in AWS cloud services (e.g., IAM, S3, Lambda, Security Hub, GuardDuty, Macie) and hands-on experience with infrastructure as code tools (Terraform, Pulumi, CloudFormation)
- Proficiency in scripting languages such as Python for automation and workflow development
- Experience with vulnerability scoring frameworks (CVSS) and security tools such as Palo Alto Prisma, JupiterOne, and monitoring platforms
- Solid understanding of common attack techniques, supply chain risks, and advanced persistent threat (APT) methodologies
- Strong collaboration, communication, and documentation skills, with the ability to influence cross-functional teams
- Ability to mentor, train, and guide junior team members while driving security initiatives independently
Responsibilities
- Lead and own the vulnerability management program, including identification, prioritization, and remediation of vulnerabilities across infrastructure, network, and cloud environments
- Implement and optimize VM lifecycle processes, leveraging automation tools and scripting to improve efficiency and accuracy
- Collaborate with engineering, platform, and development teams to integrate security best practices into CI/CD pipelines and cloud deployments
- Analyze risk, threat vectors, and exploitability, providing actionable insights to stakeholders and recommending mitigation strategies
- Maintain security tools and logging platforms, including orchestration, monitoring, and reporting for security posture visibility
- Mentor and develop junior security engineers, fostering a culture of continuous learning and operational excellence
- Stay current with emerging threats, APT tactics, and cloud security technologies, applying knowledge to strengthen organizational defenses
Benefits
- Competitive base salary range: $120,000 â $200,000 USD
- Equity grants and annual performance bonus eligibility
- Comprehensive medical, dental, and vision coverage
- Inclusive health and wellness programs
- Opportunities for professional growth and skills development
- Collaborative and supportive team culture with focus on innovation and continuous learning
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
