Vulnerability Management Engineer

JOB TITLE: Vulnerability Management Engineer
JOB LOCATION: Remote
WAGE RANGE*: $58-68/hr.
JOB NUMBER: VulEng1

REQUIRED EXPERIENCE:

Qualifications

• 5-8+ years of experience in vulnerability management, security engineering, or a related technical security field.
• Proven track record of leading or rebuilding enterprise-wide vulnerability management programs, with measurable improvements in coverage and risk reduction.
• Hands-on experience with modern VM tools: Tenable.sc/IO, CrowdStrike Falcon Exposure Management, SentinelOne Singularity VM, and Wiz for cloud-native environments.
• Deep understanding of vulnerability lifecycles, CVSS, exploitability frameworks, and prioritization strategies.
• Strong collaboration skills, with the ability to work cross-functionally with IT, DevOps, Compliance, and Security Architecture teams.
• Excellent communication skills, capable of translating technical findings into business risk and remediation plans for diverse audiences.

JOB DESCRIPTION:

Responsibilities
We are seeking a highly experienced Senior Vulnerability Management Engineer to lead the modernization and ongoing execution of our enterprise-wide vulnerability management program. This role requires both strategic leadership and deep technical expertise in vulnerability discovery, prioritization, and remediation across on-premises and cloud environments. You will work cross-functionally with security engineers, IT, DevOps, and compliance teams to strengthen our risk posture.

Key Responsibilities:

• Lead the end-to-end revamp of the enterprise continuous vulnerability management program, with a focus on automation, prioritization, and measurable risk reduction.
• Own the lifecycle of vulnerabilities-from discovery and validation to tracking and remediation-across endpoints, servers, containers, and cloud infrastructure.
• Deploy, manage, and optimize tools such as Tenable, CrowdStrike Exposure Management, SentinelOne Singularity Vulnerability Management, and Wiz for continuous asset and vulnerability visibility.
• Collaborate with infrastructure, cloud, and application security engineers to define scanning scopes, improve detection accuracy, and ensure secure configurations across environments.
• Deliver actionable reporting and metrics to senior leadership on vulnerability risk trends, SLA compliance, and remediation progress.
• Participate in security incident response as needed, especially in cases involving exploitation of known vulnerabilities.
• Continuously assess and improve threat prioritization strategies based on exploitability, asset criticality, and business risk.
• Serve as a subject matter expert on vulnerability management best practices, secure system baselining, and regulatory alignment.
• Mentor junior engineers and support a culture of continuous learning and collaboration across the security team.

Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities

* While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions. Benefits offered are in accordance with applicable federal, state, and local laws and subject to change at TCM's discretion.

#Dice