Zoox
USD 190000–228000/yr

Senior Vulnerability Management Engineer

United States, Foster City, Full-time, Senior
Engineering, Security, Vulnerability Management Engineer

Overview

We are seeking a highly experienced and technically proficient Senior Vulnerability Management Engineer to lead and mature our enterprise vulnerability management program. This critical role involves architecting, implementing, and optimizing vulnerability scanning and remediation processes, with a strong emphasis on automation, securing our cloud infrastructure, and managing traditional on-premises systems. The ideal candidate will be a subject matter expert in cloud and traditional security, possess advanced scripting capabilities, and be adept at driving significant security improvements across large, complex environments.
  • Lead the Vulnerability Management Program: Strategically design, implement, and continuously mature the vulnerability scanning and management program across the enterprise, including on-premises infrastructure (servers, network devices), applications, containers, and complex cloud environments.
  • Automation and Engineering: Architect, develop, and maintain robust automation pipelines to integrate vulnerability scanners with cloud APIs, asset inventory, and orchestration tools, significantly reducing manual efforts and improving data accuracy.
  • Cloud and Infrastructure Security Expertise: Serve as a subject matter expert for identifying, assessing, and remediating vulnerabilities specific to both cloud and on-premises services and configurations.
  • Risk Analysis and Prioritization: Continuously refine the risk-based prioritization methodology, ensuring the highest severity and most exploitable vulnerabilities are addressed first, collaborating closely with development and infrastructure teams.
  • Tool Management: Evaluate, deploy, configure, and maintain advanced vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7), ensuring optimal coverage, accuracy, and integration across the hybrid environment.
  • Mentorship and Documentation: Mentor junior team members, develop detailed technical documentation, and define best practices for vulnerability identification, reporting, and remediation.
  • Reporting and Metrics: Define, track, and present advanced security metrics (KPIs/KRIs) and management-level reports on the overall vulnerability posture, remediation trends, and program effectiveness.
  • Process Improvement: Drive measurable improvements in the mean time to detect (MTTD) and mean time to remediate (MTTR) vulnerabilities.
  • 7+ years of progressive experience in Information Security, with at least 3 years dedicated to a senior/lead role in Vulnerability Management.
  • High-level proficiency in scripting for developing security automation, API integration, data manipulation, and building custom security and reporting tools.
  • Deep, hands-on experience securing large-scale cloud environments and traditional on-premises enterprise systems.
  • Expertise in administering and tuning enterprise-grade vulnerability scanning solutions (e.g., Tenable.io/Nessus, Qualys, Rapid7 Nexpose) across both cloud and on-premises assets.
  • Thorough understanding of vulnerability scoring standards (CVSS v3+) and the methodologies used to prioritize risks based on business context and threat intelligence.
  • Experience with CI/CD pipeline security, DevSecOps practices, and integrating security testing into the development lifecycle.
  • Experience with advanced data analytics platforms (e.g., ELK Stack) for security data visualization and correlation.
  • Direct experience with container and orchestration security scanning (e.g., Docker, Kubernetes).
  • Experience in developing solutions leveraging configuration management tools (e.g., Terraform, Ansible, Chef).

Listing Details

Posted: March 20, 2026
First seen: March 25, 2026
Last seen: April 10, 2026

Posting Health

Days active: 15
Repost count: 0
Trust Level: 60%
Scored at: April 10, 2026

Zoox, a subsidiary of Amazon, designs fully autonomous vehicles focusing on making urban transportation safer and more efficient.

Employees: 3k+
Founded: 2014
Domain: zoox.com