Jobs · Analyst

Vulnerability Management Engineer [211228]

Aquent · Canton, OH · 4 days ago
RemoteRemoteAnalyst$92/hrContract

About the role

Join our Cybersecurity team as a Senior Vulnerability Management Engineer, where you will play a critical role in proactive defense. You won’t just run scans and pass along reports; you will own the end-to-end lifecycle of vulnerability reduction across a modern, complex ecosystem (Infrastructure, Cloud, Containers, and Applications).

Key Responsibilities

  • Advanced Triage & Validation: Validate and prioritize vulnerability findings from internal/external scans, attack surface management tools, and threat intelligence. Separate the signal from the noise.
  • Risk-Based Prioritization: Assess real-world severity, exploitability, business impact, and compensating controls to drive a smart, risk-based remediation strategy.
  • Stakeholder Collaboration: Act as the bridge between security and engineering. Guide technology owners through routing, remediation tracking, and closure validation.
  • Rapid Threat Response: Support “PatchNow” critical events and zero-day escalations by quickly mapping blast radiuses, identifying owners, and tracking emergency remediation.
  • Process Optimization: Don’t just accept broken workflows. Identify recurring risk patterns and data quality issues, and recommend automation or tooling improvements to streamline our operations.

Qualifications

  • Minimum Qualifications (Must Haves): Experience: 3+ years of dedicated, hands-on experience in Vulnerability Management within an enterprise-scale environment. Core Tooling: Proven proficiency with enterprise vulnerability scanning platforms (specifically Qualys, Tenable/Nessus, or Wiz). Modern Architecture: Solid understanding of vulnerability lifecycles across cloud platforms (AWS, Azure, or GCP) and containerized workloads (Kubernetes, Docker). Data Savvy: Experience manipulating large datasets and vulnerability reports to extract actionable insights. Communication: Exceptional ability to translate complex technical vulnerabilities into clear, actionable remediation steps for both systems engineers and non-technical business leaders.
  • Preferred Qualifications (Nice To Haves): Automation & Scripting: Ability to write scripts or utilize APIs (Python, PowerShell, SQL, or Power Query) to automate repetitive validation and reporting tasks. Regulated Environments: Experience navigating security compliance in financial services or highly regulated sectors (PCI DSS, FFIEC). Data Visualization: Experience building dashboards in Power BI or Excel to track remediation metrics and trends. Modern Workflows: Familiarity with AI-assisted productivity tools or prompt-based workflows for data analysis. Certifications: Security+, CySA+, CISSP, or cloud provider security certifications.

Similar jobs