Vulnerability Engineer

TL;DR

Vulnerability Engineer: Supporting and maturing an enterprise vulnerability management program with an accent on operational oversight and hands-on technical expertise. Focus on safeguarding complex IT environments and ensuring compliance with regulatory and industry standards.

Location: Hybrid/Onsite in Detroit, MI (Tuesday, Wednesday, Thursday)

Company

hirify.global (S3) provides IT staffing services and support to enterprise clients.

What you will do

• Oversee the full vulnerability lifecycle: discovery, assessment, prioritization, remediation, and reporting.
• Implement and maintain security frameworks like CISA VMF, SANS VMMM, and NIST 800-53/800-40.
• Apply CVSS scoring, integrate findings into enterprise risk strategies, and ensure compliance with standards like NIST CSF, ISO/IEC 27001, PCI DSS, and GDPR.
• Provide Level 2 and Level 3 support for vulnerability remediation, troubleshoot issues, and enhance management processes.
• Administer and manage certificate lifecycle processes, including Sectigo and ServiceNow integration using APIs.
• Lead research on advanced security technologies, pilot new solutions, and support project delivery.

Requirements

• 6–10 years of cybersecurity experience, including 5+ years in vulnerability management.
• Strong knowledge of IT architecture, systems design, and integration.
• Demonstrated expertise in vulnerability scanning, analysis, and remediation tools (Nessus, Qualys, Microsoft DVM).
• 3–5 years of experience with certificate lifecycle management (Sectigo, ServiceNow).
• Knowledge of HTML, JavaScript, web security concepts, and networking (SSL/TLS protocols).
• High School diploma/GED with 5 years of network engineering experience, OR associate degree with 3 years of related experience.

Nice to have

• Bachelor’s degree in Information Technology or related discipline.
• Flexibility for on-call responsibilities and off-hours support.
• Experience with DevSecOps practices and secure CI/CD pipelines.
• Active DoD Clearance and relevant certifications (CISSP, CISM, CISA, GIAC, CompTIA Security+).

Culture & Benefits

• Collaborative team environment.
• Opportunity to lead projects and apply continuous improvement principles.
• W2 contract role with potential for renewal.