Vulnerability Management & Security Systems Engineer
Southland Credit Union•Rossmoor, CA
3d
About The Position
The Vulnerability Management & Security Systems Engineer is responsible for leading the organization’s vulnerability management lifecycle, with a strong emphasis on risk identification, tracking, and remediation across all environments. This role leverages tools such as Rapid7 and ManageEngine to drive measurable risk reduction and works closely with Information Security, Infrastructure, and Messaging teams to ensure secure, resilient systems. The engineer also provides security-focused systems and network engineering support as needed
Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, or equivalent experience.
- 3+ years of experience in vulnerability management, security engineering, or systems engineering.
- Hands-on experience with Rapid7 vulnerability scanning and reporting.
- Experience using ManageEngine or similar platforms for patching, ticketing, or remediation tracking.
- Strong understanding of Windows, Linux, and Microsoft 365 environments.
- Knowledge of vulnerability scoring (CVSS), threat modeling, and risk-based prioritization.
- Ability to clearly communicate security risk to both technical and non-technical audiences.
Nice To Haves
- Experience securing Microsoft 365 (Exchange Online, Defender, identity and access controls).
- Experience in cloud or hybrid environments.
- Security certifications such as Security+, CISSP, GIAC, or Microsoft Security certifications.
- Experience supporting regulated or compliance-driven environments.
Responsibilities
- Own and operate the enterprise vulnerability management program using Rapid7.
- Conduct regular vulnerability scans across servers, endpoints, network devices, applications, and cloud workloads.
- Analyze and validate scan results, prioritize findings based on risk, exploitability, and business impact.
- Track vulnerabilities through remediation using Rapid7 and other tools, ensuring accountability and timely closure.
- Partner with infrastructure, endpoint, and application teams to perform and/or coordinate remediation efforts.
- Verify remediation through rescanning and documentation.
- Develop metrics, dashboards, and reports to communicate risk posture and remediation progress.
- Support security audits, compliance initiatives, and third-party risk assessments.
- Provide security-focused engineering and administration for Windows and Linux systems.
- Support Microsoft 365 security and messaging services, including Exchange Online, Defender, and security configurations.
- Assist with patch management, configuration baselines, and system hardening.
- Implement and maintain security controls aligned with organizational standards and best practices.
- Support incident response activities related to vulnerabilities, malware, or system compromise.
- Participate in infrastructure and security improvement projects, including migrations and modernization efforts.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
