Senior Cloud Vulnerability Management Engineer

Job ID: 2505310

Location: REMOTE WORK, VA, US

Date Posted: 2025-05-05

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: Public Trust

Potential for Remote Work: Yes

Description

As a Senior Cloud Vulnerability Management Engineer with over 8 years of experience, you will play a critical role in the management, enhancement, and security of our cloud environments. Your deep knowledge in vulnerability management, and administration, combined with your proficiency in cloud platforms and security practices, will be essential in maintaining our system integrity and resilience against cyber threats.

We are looking for a Senior Cloud Vulnerability Management Engineer who is comfortable working with different vulnerability management solutions in different cloud environments, to include AWS, Azure, OCI and Google Cloud Platform.

Key Responsibilities:

• Deploy, configure and administer vulnerability management tools such as Acunetix and Qualys.
• Performs risk and vulnerability management tasks at the network, system, and application level in multiple cloud environments, such as AWS, Azure, Google Cloud Platform and OCI.
• Runs automated vulnerability scanning tools against all in-scope web applications and systems on the network, adhering to a pre-defined schedule.
• Review and analyze vulnerability scans, provide feedback to IT administrators and customers on remediation actions.
• Prioritizes vulnerability scan findings; opens tickets for remediation and tracks them.
• Runs ad-hoc vulnerability scans on an as-needed basis.
• Reviews cyber threat intelligence from multiple external sources; shares relevant threat information with the client.
• Tracks Binding Operational Directive (BOD) Known Exploited Vulnerabilities (KEV) and provides monthly status.
• Utilizes COTS/GOTS and custom tools and processes/procedures to scan, identify, contain, mitigate, and remediate vulnerabilities and misconfigurations.
• Ensure systems are compliant with DISA STIGs.
• Host and lead weekly VM status meetings with all stakeholders.
• Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
• Performs analyses to validate established security requirements and recommends additional security requirements and safeguards.
• Support cyber metrics development and reporting on vulnerabilities and STIG compliance.
• Effective communication, leadership, and presentation skills.
• Strong problem-solving and analytical abilities.
• A commitment to staying current with industry trends and security developments.
• Other duties as assigned.

Qualifications

Required Qualifications

• Strong foundation in system and security administration, including experience with both Linux and Windows environments via various tools including Ansible, Qualys and/or WSUS.
• Extensive experience in building, implementing and maintaining a Vulnerability Management problem.
• Proven background in security best practices, policies, and regulatory compliance (e.g., NIST, ISO 27001, GDPR, HIPAA).
• Experience in system and application hardening, vulnerability assessments, and penetration testing.
• Professional experience with one the following Vulnerability Management tools is a MUST: Nessus, Qualys, Orca Security, and/or Acunetix.
• Experience working with AWS, Azure, OCI, and/or Google Cloud Platform environments.
• Experience with ticketing systems such as ServiceNow.
• Required Certifications: CompTIA Security+, Certified Information Systems Security Professional (CISSP), or similar.

Education and Experience:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, with minimum of 8 years of experience in IT with a focus on cloud computing and cybersecurity, or Master's degree with 6 plus years of experience.
• ship Required.
• Must have the ability to obtain a Public Trust Clearance prior to starting work.

Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.