
Vulnerability Management Engineer
Posted May 7

• Conduct regular vulnerability assessments across servers, endpoints, network devices, and relevant cloud-hosted assets utilizing approved scanning tools.
• Evaluate scan results based on severity, exploitability, asset criticality, and business impact to prioritize remediation efforts.
• Validate findings by identifying false positives, duplicates, and approved exceptions so that the risk data stays accurate.
• Maintain visibility into open vulnerabilities and aging risk items across the enterprise environment.
• Collaborate with system owners, engineering teams, and operations personnel to implement timely remediation plans.
• Monitor and manage Plans of Action and Milestones (POA&Ms) until resolution, including providing status updates and risk disposition.
• Assist with patch management and secure configuration hardening initiatives in line with approved baselines and SOPs.
• Identify recurring root causes and suggest control enhancements to minimize the reintroduction of vulnerabilities.
• Create, maintain, and enhance vulnerability management policies, procedures, and standard operating processes.
• Support risk management and compliance activities by producing the documentation and artifacts needed for FISMA assessments and audits.
• Ensure that vulnerability and remediation efforts are documented within approved ticketing/workflow systems in compliance with service management practices.
• Partner with stakeholders to align vulnerability operations with contract governance, reporting schedules, and control objectives.
• Produce dashboards and reports for leadership detailing vulnerability trends, remediation progress, POA&M status, and compliance posture.
• Convey technical findings and remediation priorities to both technical and non-technical audiences effectively.
• Support incident response efforts associated with identified or exploited vulnerabilities, including triage and cross-team coordination.
• Offer metric-driven recommendations to enhance continuous monitoring effectiveness and risk mitigation outcomes.
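As an added illustration of the triage workflow the responsibilities above describe (deduplicating repeat detections, dropping validated false positives and documented exceptions, ranking by severity, exploitability and asset criticality, and tracking age against a remediation SLA), the Python script below is example code written for this page; it is not part of the job posting or of any employer's or vendor's tooling. The scan rows, host names, check IDs, placeholder CVE numbers, asset tiers, SLA days and scoring weights are all constructed assumptions, not real findings or agency policy.

```python
"""Triage of vulnerability scan findings: dedupe, validate, rank, and age.

Added example for this page, not part of the posting or any vendor tool.
Rows, asset tiers, SLA days and scoring weights are constructed assumptions.
"""
from dataclasses import dataclass
from datetime import date

# Assumed remediation SLAs in days from first detection, per severity band.
SLA_DAYS = {"critical": 15, "high": 30, "medium": 90, "low": 180}

# Assumed asset criticality weights, as set by the system owner.
TIER_WEIGHT = {"mission": 4, "business": 3, "support": 2}

# Largest possible raw score: CVSS 10.0 (100) x exploited (2) x mission (4).
MAX_RAW = 100 * 2 * 4


@dataclass(frozen=True)
class Finding:
    asset: str
    plugin_id: str          # scanner check identifier
    cve: str                # placeholder identifier in the sample data
    cvss: float             # CVSS base score, 0.0 to 10.0
    exploited: bool         # known exploited in the wild (e.g., on a KEV list)
    first_seen: date
    false_positive: bool = False   # analyst-confirmed false positive
    exception: bool = False        # documented, approved risk exception


def severity_band(cvss):
    """Map a CVSS base score to the band used for SLA lookup."""
    if cvss >= 9.0:
        return "critical"
    if cvss >= 7.0:
        return "high"
    if cvss >= 4.0:
        return "medium"
    return "low"


def dedupe(findings):
    """Collapse repeat detections of the same asset and check, keeping the
    earliest first_seen so a rescan does not reset the aging clock."""
    kept = {}
    for f in findings:
        key = (f.asset, f.plugin_id)
        if key not in kept or f.first_seen < kept[key].first_seen:
            kept[key] = f
    return list(kept.values())


def risk_score(f, tier):
    """Severity x exploitability x asset criticality, scaled to 0..100.
    Integer arithmetic keeps the result deterministic across platforms."""
    raw = round(f.cvss * 10) * (2 if f.exploited else 1) * TIER_WEIGHT[tier]
    return raw * 100 // MAX_RAW


def days_overdue(f, today):
    """Days past SLA for the finding's band; negative means still within SLA."""
    age = (today - f.first_seen).days
    return age - SLA_DAYS[severity_band(f.cvss)]


def triage(findings, asset_tiers, today):
    """Drop validated false positives and exceptions, then rank the rest by
    risk score and, within equal scores, by how far past SLA they are."""
    rows = []
    for f in dedupe(findings):
        if f.false_positive or f.exception:
            continue
        tier = asset_tiers.get(f.asset, "support")  # unknown asset: lowest tier
        rows.append({
            "asset": f.asset,
            "cve": f.cve,
            "severity": severity_band(f.cvss),
            "score": risk_score(f, tier),
            "overdue_days": days_overdue(f, today),
        })
    rows.sort(key=lambda r: (-r["score"], -r["overdue_days"]))
    return rows


def backlog_summary(rows):
    """Open and past-SLA counts per severity band, for the leadership report."""
    summary = {}
    for r in rows:
        band = summary.setdefault(r["severity"], {"open": 0, "past_sla": 0})
        band["open"] += 1
        if r["overdue_days"] > 0:
            band["past_sla"] += 1
    return summary


# Constructed sample scanner export: hosts, check IDs and CVE strings are made up.
TODAY = date(2024, 6, 1)
ASSET_TIERS = {"db-01": "mission", "web-03": "business", "lab-07": "support"}
SAMPLE = [
    Finding("web-03", "P1001", "CVE-0000-0001", 9.8, True, date(2024, 5, 20)),
    Finding("web-03", "P1001", "CVE-0000-0001", 9.8, True, date(2024, 5, 25)),  # rescan duplicate
    Finding("db-01", "P2002", "CVE-0000-0002", 7.5, False, date(2024, 4, 1)),
    Finding("lab-07", "P3003", "CVE-0000-0003", 5.3, False, date(2024, 1, 1)),
    Finding("db-01", "P4004", "CVE-0000-0004", 6.1, False, date(2024, 5, 1), false_positive=True),
]

if __name__ == "__main__":
    ranked = triage(SAMPLE, ASSET_TIERS, TODAY)
    for row in ranked:
        print(row)
    print(backlog_summary(ranked))
```

Run as a script, it prints the ranked list and the per-band open/past-SLA counts. In practice the input rows would come from a scanner export (for example a Nessus or Qualys CSV) and the asset tiers from the CMDB or system security plan; the past-SLA count is what feeds the POA&M status and the leadership dashboard, and keeping the earliest first_seen across rescans is what stops aging from being silently reset.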
• Bachelor’s degree and 4+ years of experience in vulnerability management and remediation in enterprise IT environments.
• In-depth knowledge of security frameworks, risk assessment methodologies, and compliance standards, including NIST and FISMA.
• Experience in coordinating remediation efforts with system owners and technical teams, including vulnerability tracking and POA&M closure.
• Strong analytical, problem-solving, and technical communication abilities suitable for diverse technical and business audiences.
• Familiarity with vulnerability scanning and assessment tools (e.g., Tenable Nessus, Qualys, Rapid7).
• Knowledge of patch management processes, configuration baselines, and secure system hardening practices.
• Understanding of enterprise infrastructure, operating systems, and cloud environments.
• Familiarity with scripting to automate vulnerability remediation and reporting.
• Experience developing reports and dashboards that support compliance and give leadership visibility.
• Background in supporting federal civilian agency environments with FISMA/RMF continuous monitoring requirements (preferred).
• Proven track record of reducing high-severity vulnerability backlogs and improving closure timelines in large enterprises (preferred).
• Health and Wellness programs
• Income Protection
• Paid Leave
• Retirement
EC Source Services, LLC
EBI Consulting