Vulnerability Engineer

Job Title: Vulnerability Engineer

Position Overview

Key Responsibilities

• Oversee the full vulnerability lifecycle: discovery, assessment, prioritization, remediation, and reporting.
• Implement and maintain frameworks such as  CISA VMF ,  SANS VMMM , and  NIST 800-53/800-40 .
• Apply  CVSS  scoring and risk-based prioritization to evaluate and rank vulnerabilities.
• Ensure alignment with compliance standards:  NIST CSF ,  ISO/IEC 27001 ,  PCI DSS ,  GDPR , and  FISMA, SOX, PCI-DSS, and TSA .

• Support initiatives to automate patch deployments.
• Conduct continuous monitoring and integrate findings into enterprise risk strategies.
• Maintain detailed documentation and reporting for audits, leadership, and compliance.
• Provide Level 2 and Level 3 support for remediation of vulnerabilities.
• Troubleshoot and resolve issues using established procedures; develop and enhance vulnerability management processes.
• Configure and integrate security administration/authentication infrastructure for new applications and projects.
• Collaborate with application teams to ensure secure design and integration.
• Participate in and lead research on advanced security technologies and emerging trends.
• Support and occasionally lead projects to ensure timely, on-budget delivery aligned with strategic objectives.
• Interface with vendors and evaluate external solutions; lead pilot projects for new technologies.
• Administer and manage certificate lifecycle processes with a concentration in  Sectigo .
• Work with  ServiceNow  components (CI, CMDB) for certificate and asset management.
• Understand and utilize  API requests/responses  for certificate operations.
• Apply knowledge of  SSL/TLS protocols , cryptography concepts, and certificate security.
• Collaborate with team members to ensure proper digital certificate deployment and compliance.
   

  Tools & Technologies:
• Vulnerability Management & Scanning:  Nessus (ACAS), Qualys, BitSight, OpenText 21.x, Microsoft DVM
• Endpoint Security:  McAfee ePO 4.6/VSE 8.8/HIPS 8.x (HBSS), Microsoft Defender for Endpoints
• Web Application Security:  HP WebInspect 21.x
• Certificate Management:  Sectigo, ServiceNow
• Familiarity with SIEM, SOAR, threat intelligence platforms, and secure CI/CD pipelines.

Required Qualifications:

• 6–10 years of cybersecurity experience, including 5+ years in vulnerability management.
• Strong knowledge of IT architecture, systems design, integration, and emerging technologies.
• Demonstrated expertise in vulnerability scanning, analysis, and remediation tools.
• 3–5 years of experience with certificate lifecycle management.
• Knowledge of  HTML ,  JavaScript , and web security concepts.
• Networking experience and understanding of SSL/TLS protocols.
• Experience with ServiceNow and API integrations.
• High School diploma/GED and 5 years of network engineering experience,  OR  associate degree and 3 years of related experience.

Preferred Skills & Certifications:

• Bachelor’s degree in Information Technology or related discipline.
• Flexibility for on-call responsibilities and off-hours support.
• Strong communication, collaboration, and problem-solving skills.
• Ability to lead projects and apply continuous improvement principles.
• Certifications:  CISSP, CISM, CISA, GIAC (GCIH, GPEN, GWAPT), CompTIA Security+.
• Experience with DevSecOps practices and secure CI/CD pipelines.