Sr Vulnerability Management Engineer
About the role
The Senior Vulnerability Management Engineer is a senior technical contributor responsible for operating, scaling, and maturing the enterprise vulnerability management program across infrastructure, cloud, and application environments. This role drives risk-based prioritization, partners closely with engineering teams to remediate vulnerabilities, and supports audit and compliance requirements across regulated environments.
Responsibilities
- Lead and operate enterprise vulnerability management platforms (e.g., Qualys, Tenable or equivalent)
- Ensure accurate, consistent, and scalable scanning coverage across on-prem and various cloud environments
- Ensure accurate asset coverage, scanning integrity, and risk-based vulnerability prioritization
- Analyze findings, validate exploitability, and provide clear, actionable remediation guidance to engineering teams
- Drive continuous improvement of vulnerability SLAs, metrics, and reporting
- Partner with application, platform, and cloud teams to validate that systems meet security and compliance requirements (e.g., NIST 800-53, FedRAMP, StateRAMP, SOC, HIPAA)
- Design and implement automation and integrations to improve vulnerability intake, tracking, reporting, and operational efficiency
- Develop and maintain documentation, runbooks, and operational processes to improve consistency, resiliency, and cross-team support
- Provide technical leadership and mentorship to junior engineers and contribute to reducing single-point dependencies across security tooling and workflows
- Produce executive-level reporting and metrics that clearly communicate risk posture, trends, and remediation progress to leadership
- Mentor junior engineers and help reduce single points of failure across security tooling and processes
Requirements
- Bachelor’s Degree or higher and 7+ years of vulnerability management experience
- Experience administering vulnerability management platforms (Qualys, Tenable or similar)
- Experienced in performing a leadership role working across multiple teams and disciplines
- Knowledgeable with AWS or Azure cloud environments
- Familiarity with best practice software security requirements in industry standard compliance programs (NIST, HITRUST, FedRAMP, etc.)
- Ability to obtain and maintain a Public Trust clearance
- Strong communication skills, ability to work independently or collaborate with application teams
Qualifications
- Additional qualifications that could help you succeed even further in this role include:
- Application Security Experience
- Work experience in AWS or Azure cloud environments
Benefits
Supporting Your Well-being
Solventum offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, Solventum regularly benchmarks with other companies that are comparable in size and scope. Applicable to US Applicants Only:
The expected compensation range for this position is $143,200 - $196,900, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience.
In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.).
Additional information is available at: https://www.solventum.com/en-us/home/our-company/careers/#Total-Rewards
Pay
$143,200 - $196,900
Schedule
Remote – US Only