Vulnerability Engineer

STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING!

Vulnerability Engineer
Detroit, MI (Hybrid/onsite T, W, Th)
W2 contract role
12 Months then eligible for Contract renewal

Position Overview

We are seeking a strong analytical professional to serve as a Vulnerability Engineer, responsible for supporting and maturing our enterprise vulnerability management program while providing advanced security engineering support. This role combines operational oversight with hands-on technical expertise to safeguard complex IT environments and ensure compliance with regulatory and industry standards.

Key Responsibilities

• Oversee the full vulnerability lifecycle: discovery, assessment, prioritization, remediation, and reporting.
• Implement and maintain frameworks such as CISA VMF, SANS VMMM, and NIST 800-53/800-40.
• Apply CVSS scoring and risk-based prioritization to evaluate and rank vulnerabilities.
• Ensure alignment with compliance standards: NIST CSF, ISO/IEC 27001, PCI DSS, GDPR, and FISMA, SOX, PCI-DSS, and TSA.
• Support initiatives to automate patch deployments.
• Conduct continuous monitoring and integrate findings into enterprise risk strategies.
• Maintain detailed documentation and reporting for audits, leadership, and compliance.
• Provide Level 2 and Level 3 support for remediation of vulnerabilities.
• Troubleshoot and resolve issues using established procedures; develop and enhance vulnerability management processes.
• Configure and integrate security administration/authentication infrastructure for new applications and projects.
• Collaborate with application teams to ensure secure design and integration.
• Participate in and lead research on advanced security technologies and emerging trends.
• Support and occasionally lead projects to ensure timely, on-budget delivery aligned with strategic objectives.
• Interface with vendors and evaluate external solutions; lead pilot projects for new technologies.
• Administer and manage certificate lifecycle processes with a concentration in Sectigo.
• Work with ServiceNow components (CI, CMDB) for certificate and asset management.
• Understand and utilize API requests/responses for certificate operations.
• Apply knowledge of SSL/TLS protocols, cryptography concepts, and certificate security.
• Collaborate with team members to ensure proper digital certificate deployment and compliance.

Tools & Technologies

• Vulnerability Management & Scanning: Nessus (ACAS), Qualys, BitSight, OpenText 21.x, Microsoft DVM
• Endpoint Security: McAfee ePO 4.6/VSE 8.8/HIPS 8.x (HBSS), Microsoft Defender for Endpoints
• Web Application Security: HP WebInspect 21.x
• Certificate Management: Sectigo, ServiceNow
• Familiarity with SIEM, SOAR, threat intelligence platforms, and secure CI/CD pipelines.

Required Qualifications

• 6 10 years of cybersecurity experience, including 5+ years in vulnerability management.
• Strong knowledge of IT architecture, systems design, integration, and emerging technologies.
• Demonstrated expertise in vulnerability scanning, analysis, and remediation tools.
• 3 5 years of experience with certificate lifecycle management.
• Knowledge of HTML, JavaScript, and web security concepts.
• Networking experience and understanding of SSL/TLS protocols.
• Experience with ServiceNow and API integrations.
• High School diploma/GED and 5 years of network engineering experience, OR associate degree and 3 years of related experience.

Preferred Skills & Certifications

• Bachelor s degree in Information Technology or related discipline.
• Flexibility for on-call responsibilities and off-hours support.
• Strong communication, collaboration, and problem-solving skills.
• Ability to lead projects and apply continuous improvement principles.
• Active DoD Clearance.
• Certifications: CISSP, CISM, CISA, GIAC (GCIH, GPEN, GWAPT), CompTIA Security+.
• Experience with DevSecOps practices and secure CI/CD pipelines.

*Beware of scams. S3 never asks for money during its onboarding process