Posted on: 25/09/2025
How You'll Make An Impact:
- Serve as a subject matter expert in vulnerability management, contributing to the design and execution of scanning, analysis, and remediation workflows across hybrid environments.
- Collaborate with senior engineers, architects, and client stakeholders to deliver tailored vulnerability management solutions aligned with business and compliance requirements.
- Drive risk-based vulnerability prioritization, leveraging threat intelligence, asset criticality, and exploitability data.
- Lead enterprise-wide scanning initiatives, including authenticated scans across Windows, Linux, network devices, containers, and cloud platforms (AWS, Azure, GCP).
- Administer and optimize tools such as Qualys, Tenable, Rapid7, Prisma Cloud, Wiz and Tanium to support continuous monitoring and patch management.
- Utilize Tanium or other patch management tools to deploy patches, automate updates, and enforce configuration baselines across diverse endpoints.
- Develop and maintain dashboards and reporting using tools like Power BI to track KPIs, remediation progress, and risk trends.
- Define and implement vulnerability management KPIs, SLAs, and strategic goals in collaboration with leadership and clients.
- Produce detailed documentation of assessments, threat analysis, and remediation plans.
- Validate and track remediation efforts, ensuring closure of vulnerabilities and alignment with security policies.
- Provide expert guidance on threat modeling, external attack surface management, and exposure analysis.
- Act as a primary escalation point for zero-day vulnerabilities and patch-related incidents, coordinating with IT and engineering teams to resolve issues efficiently.
What We're Looking For:
- 6+ years of experience in vulnerability management, including hands-on administration of platforms like Qualys, Tenable, Rapid7, Prisma Cloud, Contrast, and Tanium.
- Strong understanding of the vulnerability management lifecycle, including discovery, validation, prioritization, and remediation.
- Experience with cloud-native scanning and container security in AWS, Azure, and GCP environments.
- Proficiency in log analysis, TCP/IP networking, and endpoint telemetry to support threat investigations.
- Demonstrated ability to automate workflows and integrate vulnerability data into enterprise data lakes and CMDBs.
- Experience with external asset discovery, continuous monitoring, and attack surface management (ASM) tools.
- Strong analytical and problem-solving skills, with the ability to translate technical findings into business risk.
- Excellent communication skills and the ability to collaborate across technical and non-technical teams.
- Experience building and maintaining dashboards and metrics in Power BI or similar tools.
- Familiarity with security frameworks such as NIST, CIS, and MITRE ATT&CK is a plus.
Preferred Certifications:
- CISSP, CISM, CISA, or equivalent.
- Vendor-specific certifications (e.g., Qualys, Tanium, Tenable, Wiz, CSPM, etc.).
What You Can Expect From Optiv:
- A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
- Work/life balance.
- Professional training resources.
- Creative problem-solving and the ability to tackle unique, complex projects.
- Volunteer Opportunities.
- Optiv Chips In encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable).
Posted in
CyberSecurity
Functional Area
Cyber Security
Job Code
1551742