Plus
Включить Plus
Назад

Эта вакансия в архиве

Посмотреть похожие вакансии ↓
Company hidden
обновлено 2 месяца назад

Vulnerability Engineer

Формат работы
hybrid
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US

Описание вакансии

Текст:
/

TL;DR

Senior Vulnerability Engineer (Cybersecurity): Supporting and maturing an enterprise vulnerability management program with an accent on vulnerability lifecycle oversight, framework implementation, and risk-based prioritization. Focus on safeguarding complex IT environments, ensuring compliance with industry standards, and providing advanced security engineering support.

Location: Hybrid in Detroit, MI (on-site Tuesday, Wednesday, and Thursday)

Company

hirify.global (S3) is a national staffing agency specializing in IT and business solutions.

What you will do

  • Oversee the full vulnerability lifecycle including discovery, assessment, prioritization, remediation, and reporting.
  • Implement and maintain vulnerability management frameworks such as CISA VMF, SANS VMMM, and NIST, applying CVSS scoring for risk prioritization.
  • Ensure alignment with compliance standards including NIST CSF, ISO/IEC 27001, PCI DSS, GDPR, FISMA, SOX, and TSA.
  • Provide Level 2 and Level 3 support for vulnerability remediation, troubleshooting issues, and enhancing management processes.
  • Configure and integrate security administration infrastructure for new applications and projects.
  • Administer and manage certificate lifecycle processes with a concentration in Sectigo and ServiceNow.
  • Participate in and lead research on advanced security technologies and emerging trends.

Requirements

  • 6–10 years of cybersecurity experience, with 5+ years in vulnerability management.
  • Strong knowledge of IT architecture, systems design, integration, and emerging technologies.
  • Demonstrated expertise in vulnerability scanning, analysis, and remediation tools (e.g., Nessus, Qualys).
  • 3–5 years of experience with certificate lifecycle management.
  • Knowledge of HTML, JavaScript, web security concepts, networking, and SSL/TLS protocols.
  • Experience with ServiceNow components (CI, CMDB) and API integrations.
  • Must be authorized to work in the USA (W2 contract role).

Nice to have

  • Bachelor’s degree in Information Technology or a related discipline.
  • Flexibility for on-call responsibilities and off-hours support.
  • Active DoD Clearance.
  • Relevant certifications (e.g., CISSP, CISM, CISA, GIAC, CompTIA Security+).
  • Experience with DevSecOps practices and secure CI/CD pipelines.