A recognized services company is currently seeking a new Senior Vulnerability Management Engineer to enhance the organization’s cybersecurity posture by leading efforts to identify, assess, and remediate vulnerabilities across cloud, on-premises, and hybrid environments.
***Hybrid Mon, Wed, Thurs Onsite, Tues and Fri Remote***
Key Responsibilities:
- Configure, maintain, and optimize vulnerability management tools and related security systems.
- Identify, assess, prioritize, and coordinate remediation of vulnerabilities across cloud, on-premises, and hybrid environments.
- Collaborate with IT, DevOps, and Security teams to validate findings and implement effective mitigation strategies.
- Develop and deliver executive-level reporting that translates technical issues into business risk and impact.
- Ensure compliance with regulatory and internal security frameworks through consistent monitoring and documentation.
- Design and implement automated workflows for vulnerability tracking, reporting, and remediation.
- Contribute to incident response activities involving exploitation or active threats.
- Stay current with evolving vulnerabilities, threat landscapes, and security technologies.
Qualifications:
- 5 years of Vulnerability Management experience within complex IT environments (cloud, on-premises, hybrid)
- Strong understanding of Operating systems (Windows, Linux, Unix), Networking protocols, and Cloud platforms (AWS, Azure, GCP)
- Advanced proficiency in vulnerability management and security platforms (e.g., Nucleus Security, Rapid7, Microsoft Defender for Endpoint, ServiceNow, BitSight, or equivalent)
- Solid understanding of regulatory frameworks and experience applying security controls to maintain compliance
- Proven ability to design and implement automation and process improvements for efficient vulnerability management
- Strong attention to detail and data-driven decision-making capabilities
- Excellent written and verbal communication skills with the ability to engage technical and non-technical stakeholders effectively
Desired Skills:
- Relevant industry certifications (e.g., CompTIA Security+, CISSP, CISM, or similar)
- Familiarity with Cloud Security best practices and emerging threats
- Experience managing complex Security projects, such as tool integrations, migrations, or program enhancements
- Working knowledge of Regex for automation and data parsing within Vulnerability Management tools
- Basic SQL skills for data querying and reporting automation
- Solid understanding of the Purdue Model for Industrial Control Systems (ICS) Network Segmentation and Security
