Vulnerability Management Engineer

Overview

On Site
$65
Contract - Independent
Contract - W2

Skills

AWS Cloud
Cloud Security
Rapid7
Vulnerability Management
Patch Management / Vulnerability Remediation

Job Details

Vaco is working with an expanding client as they build out their cybersecurity team in the Phoenix area. We are looking for a Senior level Security mind who can lead the charge in identifying, monitoring, and reducing the organization’s digital attack surface by operationalizing asset discovery, vulnerability scanning, and exposure prioritization. This hands-on role is essential to improving the enterprise security posture, contributing directly to business resilience and secure growth. You will run point on vulnerability management and work with business and technology stakeholders to implement tooling and best practices to safeguard the business. You will bring expertise with all areas of Rapid7, experience expanding its organizational use, and strong experience with cloud vulnerability tools (Wiz preferred). If you enjoy solving complex technical problems, thrive in a fast-paced, collaborative team environment, and continuously seek to improve both tools and processes, we are looking to schedule interviews immediately. Please reach out to a member of the Vaco team today to learn more! We are unable to work with 3rd parties or support any sponsorship needs.

Position requirements:
  • 6+ years of experience in cybersecurity, vulnerability management, or cloud security.
  • Proficiency with ASM and vulnerability management platforms (e.g., Qualys, Wiz, Tenable, CrowdStrike, Shodan, etc.).
  • Experience integrating data from CMDBs, CSPMs, EDRs, and network discovery tools.
  • Hands-on experience with scripting or automation tools (Python, PowerShell, REST APIs).
  • Familiarity with cloud platforms (AWS, Azure, GCP) and related security controls.
  • Understanding of vulnerability scoring systems (CVSS), threat modeling, and MITRE ATT&CK framework.
  • Strong analytical, troubleshooting, and documentation skills.
  • Excellent communication and teamwork mindset; capable of translating complex technical findings into actionable guidance.
  • Bachelor’s degree in Information Security, Computer Science, or equivalent work experience.
  • Relevant certifications (e.g., Security+, GIAC GCIH/GVMS, AWS Security, AZ-500, etc.) are a plus.
Primary Responsibilities:
Discovery & Asset Inventory
  • Perform ongoing discovery of external-facing assets (domains, IPs, APIs, cloud services).
  • Maintain accurate asset inventory through integration with CMDB, cloud platforms (AWS, Azure, GCP), endpoint agents, and scanning tools.
  • Validate asset ownership and data accuracy through collaboration with system and application owners.
Vulnerability & Configuration Assessment
  • Conduct and tune vulnerability scans using ASM platforms (e.g., Rapid7, Qualys, Wiz, Tenable).
  • Analyze scan results and identify misconfigurations, missing patches, and exposed services.
  • Collaborate with remediation teams to track, document, and validate mitigation efforts.
Risk-Based Prioritization
  • Apply risk models to prioritize vulnerabilities based on business impact, threat intel, exploitability, and exposure duration.
  • Enrich findings with contextual metadata to aid in accurate risk communication to technical and non-technical stakeholders.
Threat Monitoring & External Visibility
  • Monitor external attack surface for anomalous changes, unauthorized domains, and known threat actor techniques.
  • Work with the Threat Intelligence and Incident Response teams to triage high-risk exposures.
Automation & Process Optimization
  • Recommend and implement continuous improvements to scanning cadence, alerting logic, and reporting accuracy.
  • Build and maintain automated workflows for asset discovery and exposure tracking via scripting, APIs, and integrations (e.g., ZenDesk, Jira).
Cloud & DevSecOps Alignment
  • Support cloud-native ASM functions through integration with CSPM and CI/CD pipelines.
  • Review Infrastructure-as-Code (IaC) and cloud configurations for public exposure or policy violations.
Tooling & Platform Support
  • Assist in onboarding new platforms, tuning scans, and maintaining licensing and coverage.
  • Operate and maintain ASM-related tools (e.g., Shodan, Censys, Qualys, Wiz).
  • Serve as technical point-of-contact for ASM tool support and integration requests.
Cross-Functional Collaboration
  • Partner with GRC, Application Security, IT Operations, Cloud, Networking, and Architecture teams to ensure secure asset lifecycle management.
  • Assist in the strategic direction, cross-functional coordination, and continuous improvement of the vulnerability management program. This individual ensures alignment between security operations, IT, development teams, and compliance requirements while driving consistent governance, reporting, and stakeholder engagement.
  • Participate in tabletop exercises and contribute to incident investigations related to ASM findings.
  • Stay current on emerging vulnerabilities, exploit trends, and mitigation strategies.
Determining compensation for this role (and others) at Vaco/Highspring depends upon a wide array of factors including but not limited to the individual’s skill sets, experience and training, licensure and certifications, office location and other geographic considerations, as well as other business and organizational needs. With that said, as required by local law in geographies that require salary range disclosure, Vaco/Highspring notes that the salary range for the role is stated in this job posting. The individual may also be eligible for discretionary bonuses, and can participate in medical, dental, and vision benefits as well as the company’s 401(k) retirement plan.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.