Management engineer • newark nj
This role supports a leading global law firm known for advising many of the world's most sophisticated financial institutions, asset managers, and multinational corporations on complex, high-stakes...Show more
Responsibilities include but are not limited to:.Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration.Abl...Show more
The Office of Technology and Innovation (OTI) leverages technology to drive opportunity, improve public safety, and help government run better across New York City.From delivering affordable broadb...Show more
Consulting/Business Management.Salaried High Fringe/Full-Time.DHS program management office for office management and business process/operational improvements.This is an on-site position in the Ne...Show more
At Goldman Sachs, we connect people, capital and ideas to help solve problems for our clients.We are a leading global financial services firm providing investment banking, securities and investment...Show more
Brooklyn Investment Group is an SEC-registered Investment Adviser that leverages the technology of its parent company, Brooklyn Artificial Intelligence Research.This technology is combined with ins...Show more
Viam is building the platform that makes robotics as programmable as software.Our software allows developers and companies to configure, control, and manage physical devices-from a single robot in ...Show more
Senior Software Engineer - Identity & Privileged Access Management.Bloomberg's Platform Security organization is responsible for securing the infrastructure, systems, and data that power our global...Show more
The firm and its affiliates comply with applicable discrimination and equal opportunities legislation in all of its jurisdictions and do not discriminate in employment or recruitment based on race,...Show more
CoreWeave is The Essential Cloud for AI™.Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence....Show more
We're looking for a Staff Engineer to join the Logs organization at Datadog and help redefine how our customers ingest, query, and derive insights from logs data.In this role, you'll work closely w...Show more
Data Engineer Marketing & Campaign Management.Marketing Domain knowledge is mandatory.Worked closely with Marketing/Campaign Management Team.Good understanding of Marketing Data.Knowledge of Data M...Show more
Clear Street's mission is to give every sophisticated investor access to every asset, in every market, through a unified platform built for speed, transparency and scale.We give our clients the tec...Show more
The Senior IAM Engineer will play a key role in designing, implementing, and operating enterprise identity and access management capabilities across Microsoft Entra ID and the organization's creden...Show more
Join JB&B and shape the future of the built environment! Founded in 1915, Jaros, Baum & Bolles has been a pillar of engineering innovation in New York City for over a century.Specializing in mechan...Show more
We are seeking a Mobility Administrator for MDM platform.Responsible for upgrades, monitoring performance, fine-tuning, capacity planning, troubleshooting, deployments and post support according to...Show more
Rippling gives businesses one place to run HR, IT, and Finance.It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and co...Show more
Capgemini Invent - Contextual Systems Engineer Management Consultant.At Capgemini Invent, we believe difference drives change.As inventive transformation consultants, we blend our strategic, creati...Show more
New Yorkers by uniting communities through care.We believe that Health care is a right, not a privilege.If you have compassion and a collaborative spirit, work with us.You can come to work being pr...Show more
Job Description
This role supports a leading global law firm known for advising many of the world's most sophisticated financial institutions, asset managers, and multinational corporations on complex, high-stakes matters. Consistently recognized among the elite in the legal industry, the firm operates across major financial centers worldwide, offering a truly international platform and exposure to cutting-edge legal and regulatory work. The role is hybrid remote with 3 days onsite - Wednesday is a must for a team day and you can pick the other two days. This resource will join a team of 2 and will be conducting scanning and reviewing the vulnerabilities, validate by reaching out to appropriate System Owners/Teams who work on the patching, and following the remediation path through by active follow up.
The Senior Information Security Engineer, Vulnerability Management is responsible for leading the identification, assessment, and mitigation of security vulnerabilities across enterprise systems and applications. This role plays a critical part in proactively managing cyber risks by discovering and addressing weaknesses before they can be exploited. The senior engineer will perform regular scanning and remediation of global networks, assess systems for vulnerabilities and misconfigurations, including cloud-based and on-premises assets. They will collaborate with IT teams and business process owners to ensure timely remediation of identified issues and drive continuous improvement of the organization's security posture.
The ideal candidate is highly skilled in vulnerability management tools and methodologies, combined with a strong understanding of enterprise IT environments, including cloud infrastructure, networking, and applications. This role requires strong analytical skills, the ability to interpret scan results, prioritize remediation efforts, and work cross-functionally to reduce risk. The candidate must be able to communicate effectively with technical and non-technical stakeholders and remain detail-oriented while adapting to new threats, technologies, and compliance requirements.
Essential Job Duties & Responsibilities
Lead enterprise vulnerability management activities including asset discovery, vulnerability scanning, configuration assessments, and prioritization.
Deliver continuous vulnerability identification and remediation across attack surfaces, vulnerabilities, and security-related misconfigurations throughout on-prem and cloud-based environments.
Collaborate with business owners and IT teams to identify and remediate vulnerabilities across servers, infrastructure, networks, and applications.
Manage vulnerability scanning tools and ensure accurate asset inventories and scan coverage.
Manage and mature vulnerability management programs including breach simulation, red-team testing, and security assessment tools.
Manage application security scanning tools including static, dynamic, and infrastructure scanning.
Optimize vulnerability management processes and integrations with other security and IT operations workflows.
Lead vulnerability response efforts to address imminent threats and zero-day vulnerabilities.
Monitor vulnerability remediation progress and partner with IT teams to provide recommendations for effective risk remediation or mitigation.
Monitor, mitigate, and report on emerging threats including supply-chain weaknesses, misconfigurations, code vulnerabilities, unencrypted protocols, digital footprint issues, and other cybersecurity control gaps.
Manage internal and external penetration testing and red-team activities, scope assessments, and oversee vendor coordination.
Provide regular reporting on the current state of vulnerabilities and develop metrics and dashboards to communicate vulnerability trends and remediation progress to stakeholders.
Develop vulnerability scoring priorities and measurement criteria, and build consumable reporting for technical and non-technical stakeholders, IT leadership, and external clients.
Stay current with emerging threats, vulnerabilities, exploit trends, and industry best practices.
Support security audits, assessments, and compliance initiatives by providing accurate and timely vulnerability data.
Contribute to the development of processes, standards, and playbooks related to vulnerability management.
Participate in and support after-hours work and on-call rotations as needed.
Compensation:
$53/hr to $64/hr.
Exact compensation may vary based on several factors, including location, skills, experience, and education.
Employees in this role will enjoy a comprehensive benefits package starting on day one of employment, including options for medical, dental, and vision insurance. Eligibility to enroll in the 401(k) retirement plan begins after 90 days of employment. Additionally, employees in this role will have access to paid sick leave and other paid time off benefits as required under the applicable law of the worksite location.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
4- 8+ years in IT or Information Security, including 3-4+ years in vulnerability management or security engineering
Hands-on experience with enterprise vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, Metasploit, AttackIQ, etc.)
Strong ability to interpret CVSS, threat intelligence, and business impact to prioritize remediation
Solid understanding of cybersecurity risk management and frameworks (NIST, CIS, OWASP)
Experience securing cloud and hybrid environments (AWS, Azure, GCP), including infrastructure, networking, and applications
Strong foundation in networking, operating systems (Windows/Linux), and application security
Proven ability to manage multiple priorities, communicate risk effectively, and stay current on emerging threats
hands-on scanning of app/cloud environments (Wiz, Snyk, Cycode, CrowdStrike Falcon, Sysdig, Aqua Security, Orca Security, etc) - Professional certifications such as CISSP, CSSP, CEH, or similar
interpreting pentest results
