Vulnerability Management Engineer

For WEN WOMENTECH PRIVATE LIMITED
2 - 5 Years
Up to 15 Days
Up to 13 LPA
1 Position(s)
Trivandrum/Thiruvananthapuram
Posted 9 Days Ago

Job Description

Key Responsibilities

1. Vulnerability Identification & Assessment

  • Operate and manage vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) to detect and report on known vulnerabilities.

  • Analyze scan results, assess severity levels, and work with teams to validate findings.

  • Maintain and optimize the scanning cadence across endpoints, servers, and cloud resources.

2. Patch Management & Remediation

  • Coordinate with endpoint and server teams to schedule and deploy patches using Intune, SCCM, WSUS, and other configuration tools.

  • Collaborate with application owners to test and validate security patches prior to deployment.

  • Track and report remediation status and exceptions for compliance audits.

3. Endpoint Configuration & Hardening

  • Enforce security baselines on Windows 11, macOS, iOS, and Android devices using Microsoft Intune or JAMF.

  • Support implementation of BitLocker, FileVault, Microsoft Defender policies, and vulnerability mitigation configurations.

  • Assist in Zero Trust enforcement, ensuring only compliant, secured devices are granted access.

4. Security & Compliance Reporting

  • Produce regular reports on vulnerability metrics, remediation status, and compliance posture.

  • Support security audits by providing evidence of patching and remediation activity.

  • Align vulnerability management practices with frameworks like ISO 27001, NIST 800-53, CIS Benchmarks, SOC 2, and GDPR.

5. Incident Response & Threat Containment

  • Collaborate with SOC and IR teams to contain and remediate vulnerabilities exploited in real-time attacks.

  • Perform root cause analysis (RCA) of recurring vulnerabilities or failed remediations.

  • Assist in post-incident remediation and risk reduction initiatives.

6. Automation & Tool Integration

  • Develop and maintain scripts (PowerShell, Python, Bash) for vulnerability detection and remediation tasks.

  • Integrate vulnerability management tools with SIEM (e.g., Sentinel, Splunk) and ITSM platforms (e.g., ServiceNow) for end-to-end visibility and workflow automation.


Required Qualifications & Skills

Must-Have

  • 2+ years (Engineer) or 4+ years (Senior Engineer) of experience in vulnerability management, endpoint security, or IT operations.

  • Working knowledge of vulnerability scanning tools such as Qualys, Tenable, Rapid7, or similar.

  • Hands-on experience with Microsoft Intune, SCCM, or other endpoint configuration/patching tools.

  • Strong knowledge of patch lifecycle management and OS/application security hardening techniques.

  • Experience with PowerShell or Python scripting for automation and reporting.

  • Understanding of compliance and security frameworks such as ISO 27001, NIST, CIS, SOC 2.

Good-to-Have

Certifications:

  • CompTIA Security+, CySA+, or CEH

  • Microsoft Certified: Security Operations Analyst Associate (SC-200)

  • Microsoft Certified: Endpoint Administrator Associate (MD-102)

Additional Skills:

  • Familiarity with EDR/XDR platforms (e.g., Microsoft Defender for Endpoint, CrowdStrike).

  • Exposure to Zero Trust Architecture, Conditional Access, and RBAC enforcement.


Education

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent work experience).