About The Position

The Security Vulnerability Management Engineer will work closely with Information Security Engineers and cross-functional IT teams to ensure appropriate security controls are in place and that security policies are effectively implemented across the organization. This role is responsible for operating and maturing the vulnerability management program, leading stakeholder engagements, and providing regular updates to leadership on scanning results, risk posture, and remediation efforts. You will be part of a high-performing, experienced team responsible for maintaining FedRAMP and IL4 compliance for Zoom for Government and Zoom for Defense - our offerings to the U.S. Government. In this role, you will actively scan, monitor, manage, and report on vulnerabilities (CVEs), contribute to monthly POA&M reporting, and analyze and recommend remediation strategies. Your work will directly support maintaining the authorizations required to deliver secure services to U.S. Government customers.

Requirements

  • Hold a B.S. or M.S. in Computer Science, Information Security, Engineering or related fields.
  • Have experience working with CI/CD pipelines, containerized environments, and building, testing, and deployment in an IL4 environment.
  • Demonstrate understanding of FedRAMP CVE guidelines, remediation timelines, and vulnerability frameworks such as CVE and CVSS.
  • Bring 5+ years of experience in Information Security, including 4+ years in Vulnerability Management, and 5+ years in DevOps.
  • Able to perform vulnerability scanning using tools such as Tenable Nessus, Prisma Cloud, Burp Suite, and similar platforms (e.g., Qualys, Tenable).
  • Demonstrate proficiency in scripting (Python, Bash, PowerShell, or similar) to automate remediation and reporting tasks.
  • Able to apply experience in Infrastructure Security, including OS hardening, and good knowledge of network technologies and protocols.
  • Utilize experience in application, network, and system security, including intrusion analysis, malware, antivirus, host-based and network forensics, and tools such as JIRA, Confluence, and ServiceNow.

Responsibilities

  • Conducting vulnerability scans across systems, networks, endpoints, and applications.
  • Validating, prioritizing, and driving remediation of identified vulnerabilities.
  • Partnering with engineering and IT teams to track and improve patching cadence.
  • Owning vulnerability reporting, including tracking remediation status and risk exposure.
  • Maintaining and optimizing vulnerability scanning tools and schedules.
  • Integrating vulnerability management tools with SIEM platforms.
  • Developing dashboards and metrics to provide visibility into security posture for leadership.
  • Creating and improving tools, documentation, processes, and techniques to support vulnerability remediation.
  • Leading and coordinating stakeholder meetings to review findings and remediation plans.