
Engineer, Vulnerability Management

KEY RESPONSIBILITIES

Position Summary: The Threat & Vulnerability Management Engineer is responsible for the deployment, configuration, and management of vulnerability management tools and the delivery of related services. The role of the Threat & Vulnerability Management Engineer is to detect security vulnerabilities in information systems and drive their resolution in compliance with corporate security policy. You will work with system owners to evaluate vulnerability findings, identify false positives, and prepare and deploy patches.

 

Essential Duties and Responsibilities:  

• Collaborate with key stakeholders including senior leadership to research, develop and implement an efficient architecture to discover vulnerabilities in both shoreside and maritime systems.  

• Manage the entire vulnerability lifecycle, from discovery through triage, remediation, and validation.

• Create and evolve a risk prioritization framework that accounts for multiple factors including vulnerability severity, system function, and network accessibility.  

• Help asset owners create effective solutions to safely patch infrastructure at scale, including assisting with automated deployment of common patches.

• Promote effective remediation while preserving stakeholder happiness.  

• Manage day-to-day workflow to ensure vulnerabilities are remediated within proper timelines.  

• Create process automation, including scripting and API integrations.

 

 

 

 

 

 

 

QUALIFICATIONS AND EDUCATION

• Bachelor's degree in information security or equivalent. Advanced degree preferred.

• 4+ years of information technology experience, including 2+ years of specialization in vulnerability management 

• Vulnerability Management experience, especially with vulnerability scanners (e.g. Rapid7 IVM, Tenable, etc.) and experience remediating issues with system owners  

• Experience hardening system images according to industry baselines, such as CIS Benchmarks  

• Experience with cloud security posture management tools (e.g. Orca Security, Prisma, Wiz, etc.) and remediating vulnerabilities and misconfigurations in cloud environments

• Nexpose Certified Administrator certification strongly preferred  

• Vulnerability exploitation certifications including GEVA, GPEN, OSCP, or similar preferred  

• Application Security experience using SAST/DAST/SCA tools preferred  

• Scripting experience in Python, PowerShell, or similar tools preferred 

 

 

 

 

FINANCIAL/QUANTITATIVE RESPONSIBILITIES

N/A

 

 

 

 

 

 


 

 

 

 

 

 

 

INTERNAL/ EXTERNAL RELATIONSHIPS

The role will collaborate closely with Business Application owners and partner with key GIS teams, including Business Information Security Officers, to remediate vulnerability findings.

 

 

 

PHYSICAL REQUIREMENTS

 

 

  • Ability to remain in a stationary position (e.g., seated at a desk) for extended periods.
  • Constant use of computer, keyboard, mouse, and other office technology.
  • Ability to communicate effectively via email, messaging tools, and virtual meetings.
  • Occasional need to move about the office, attend meetings, or access equipment.
  • May require lifting or transporting lightweight items (typically under 20 lbs), such as laptops or documents.

 

 

 

WORKING CONDITIONS

  • Standard office environment with the majority of work performed at a desk using a computer.
  • Role requires frequent interaction through virtual collaboration tools (e.g., email, chat, video conferencing).
  • May involve occasional meetings outside standard business hours to support global teams or address time‑sensitive security issues.
  • Work may include periodic on‑call responsibilities during critical vulnerability management cycles or incident response activities.
  • Minimal travel may be required for training, team meetings, or cross‑functional collaboration.
  • Noise level is generally low to moderate, consistent with standard office settings.

 

 

 

 
