Sr Vulnerability Management Engineer (Cybersecurity)

TL;DR

Sr Vulnerability Management Engineer (Cybersecurity): Operating and scaling the enterprise vulnerability management program across infrastructure, cloud, and application environments with an accent on risk-based prioritization and remediation. Focus on designing automation, ensuring compliance with NIST/FedRAMP/HIPAA standards, and reducing systemic risks in regulated healthcare environments.

Location: Remote - US Only

Salary: $143,200 - $196,900

Company

A new healthcare company focused on innovative solutions at the intersection of health, material, and data science to improve lives and healthcare performance.

What you will do

• Lead and operate enterprise vulnerability management platforms such as Qualys or Tenable.
• Drive risk-based prioritization and provide actionable remediation guidance to engineering teams.
• Ensure scanning coverage and integrity across on-prem and cloud environments (AWS, Azure).
• Partner with teams to meet security and compliance requirements including NIST 800-53, FedRAMP, and HIPAA.
• Design and implement automation for vulnerability intake, tracking, and reporting.
• Produce executive-level risk posture reports and mentor junior engineers.

Requirements

• Bachelor’s Degree or higher and 7+ years of vulnerability management experience.
• Experience administering Qualys, Tenable, or similar platforms.
• Proficiency with AWS or Azure cloud environments.
• Familiarity with industry compliance programs (NIST, HITRUST, FedRAMP, etc.).
• Ability to obtain and maintain a Public Trust clearance.
• Must be legally authorized to work in the US without sponsorship.

Nice to have

• Application Security experience.

Culture & Benefits

• Competitive benchmarking for pay and benefits.
• Comprehensive health coverage (Medical, Dental, Vision).
• Health Savings Accounts (HSA) and Flexible Spending Accounts (FSA).
• Disability and Life Insurance.
• Retirement benefits and paid absences.