Job Description:
• Perform regular vulnerability scans across cloud, on-prem, application, and endpoint environments.
• Analyze scan results, validate findings, and assign severity based on industry standards (e.g., CVSS), business context, and exploitability.
• Work collaboratively with engineering and operations teams to drive timely remediation of vulnerabilities.
• Monitor external threat intelligence and evaluate emerging vulnerabilities (e.g., zero-days, trending exploits).
• Maintain the vulnerability management platform and improve scanning coverage and accuracy.
• Support patch management processes and ensure alignment with remediation SLAs.
• Assist in developing and refining policies, procedures, and best practices for vulnerability management.
• Participate in incident response efforts when vulnerabilities contribute to active threats.
Requirements:
• 7+ years of experience in cybersecurity, vulnerability management, or related fields.
• Hands-on experience with tools such as Tenable, Qualys, Rapid7, OpenVAS, or similar.
• Strong understanding of CVE, CVSS, NIST, CIS benchmarks, and vulnerability classification frameworks.
• Familiarity with cloud platforms (AWS, Azure, GCP)
• Ability to interpret vulnerability findings, identify actual risk, and communicate clearly with technical and non-technical stakeholders.
• Knowledge of patch management practices and change management workflows.
• Understanding of network architecture, security controls, and common attack vectors.
• Excellent analytical and problem-solving skills, with a keen attention to detail.
• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
• Must be a US citizen.
Benefits:
• covering the cost of medical for you and your family
• dental
• vision
• health and wellness benefits
• generous retirement savings plan
• generous PTO policy