Technology Vulnerability Management EngineerCooley • Chicago, IL, United States
Technology Vulnerability Management Engineer
Cooley • Chicago, IL, United States
4 days ago
Job type
- Full-time
Job descriptionAfter orientation at Cooley LLP, exhibit proficiency in the Microsoft 365, MECM, Intune, iManage and other firm applications Ability to work extended and / or weekend hours, as required 2+ years of experience in cyber security, vulnerability management, or penetration testing. Senior candidates must have 5+ years' directly applicable experience in the field Strong hands-on experience conducting vulnerability scans, including configuration and use of tools such as Tenable, Qualys, Rapid7 Knowledge of cybersecurity frameworks, controls and standards, and best practices Solid understanding of Windows / Linux, networks, web / application stacks, and at least one major cloud provider (AWS / Azure) Proficiency in Python or PowerShell and REST APIs; ability to build repeatable pipelines / dashboards Familiarity with CVSS, KEV, EPSS and how they align with risk frameworks Extensive knowledge and experience generating and disseminating easily digestible metrics and report to system owners and leadership Bachelor's Degree in Information Technology or Computer Information Systems Knowledge of the Mitre ATT&CK framework and NIST Cyber Security Framework Familiarity with common security controls in the enterprise (Firewall, Proxy, AV, SIEM, etc.) Experience with incident response procedures Extensive knowledge and understanding of security issues, techniques, and implications across multiple computer platforms Demonstrated experience leading and developing others by providing technical guidance and leadership to project teams Solid knowledge and understanding of security regulations and best practices such as the ISO 27000 family of standards Demonstrated experience communicating technical information to business clients and less experienced technologists CISSP, CISM or equivalent Experience with CI / CD pipelines Cloud Architecture and / or Cloud Security Certifications (AWS, Azure, GCP) Cloud Security Alliance (CCSP, CCSK) (ISC)2 Additional security certifications Exceptional customer service skills Excellent analytical, problem-solving, customer service, project management and communication skills Goal-oriented Proven track record of excellent decision making, integrity and working with IT management, business users and business professionals Excellent oral and written communication skills, including technical and user documentation Strong organizational skills Ability to work independently and under high pressure with tight schedules and deadlines Ability to interact well with all levels of business professionals Excellent active listening skills Flexible and patient with process development / execution and adherence to instruct project management practices Capable of grasping new concepts quickly and without prior experience Detail-oriented Ability to multi-task and work in fast-paced environment Ability to interact and coordinate with several teams to achieve objectives Ability to solve problems independently and simultaneously, effectively managing multiple tasks Professional demeanor at all times
Technology Vulnerability Management Engineer
Cooley is seeking a Technology Vulnerability Management Engineer to join the Security team.
Position Summary : Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end, the Technology Vulnerability Management Engineer is expected to recognize that the Cooley Technology department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.
The Technology Vulnerability Management Engineer will lead the full vulnerability management lifecycle across endpoints, servers, applications, containers, and cloud environments. This role owns discovery, validation, risk-based prioritization, and remediation outcomes. The engineer will administer and optimize vulnerability management platforms, automate data flows and reporting, and partner with Technology and Innovation teams to meet SLA targets and reduce enterprise risk. The position will be a balance of hands-on technical execution, program leadership, and clear communication, while staying current on emerging threats and supporting audits, compliance efforts, and incident response activities. Specific duties include, but are not limited to, the following :
Position responsibilities
- Support the development and continuous optimization of vulnerability management services, including scanning cadence, exception handling, SLAs and alignment with security controls
- Build and maintain standards, playbooks, and repeatable processes to improve the efficiency and maturity of the vulnerability management program
- Administer and optimize enterprise vulnerability management platforms (e.g., Tenable / Qualys / Rapid7), ensuring accurate coverage across assets
- Integrate asset context from CMDB, EDR, and cloud inventory to drive effective risk-based prioritization
- Build automation for data ingestion, deduplication, ticketing, and reporting using APIs, scripting, and other tools to improve data quality and reduce false positives
- Analyze and interpret vulnerability scan results to assess severity, validate findings, and provide actionable remediation recommendations
- Publish dashboards and reports tailored for engineers, management, and executive leadership to communication progress and risk
- Drive remediation efforts, including patching, configuration baselines, and compensating controls, and validate results through rescans or attestations
- Partner with developers, DevOps, and other stakeholders to implement "shift-left" practices such as pipeline scanning, container / base-image hygiene, and Infrastructure-as-Code (IaC) hardening
- Collaborate with cross-functional teams to implement security solutions and controls that mitigate identified vulnerabilities
- Support audits, assessments, and regulatory compliance requirements by providing accurate documentation and evidence
- Identify opportunities for process improvements, tool optimization, and template standardization to increase efficiency and reduce operational overhead
- Stay current on emerging threats, vulnerabilities, and industry best practices to ensure the program remains effective and modern
- Contribute to advanced security testing activities such as penetration testing, application reviews and targeted vulnerability assessments as needed
- Assist with incident response activities by providing vulnerability context, supporting root cause analysis, and helping to validate containment and remediation actions
- All other duties as assigned or required
Skills and experience :
Required :
Preferred :
Competencies :
Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE.
The expected annual pay range for this position is $110,000 - $155,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience.
We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and / or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and / or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off ("PTO") and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.
Create a job alert for this search
Vulnerability Management Engineer • Chicago, IL, United States
Related jobs
POSITION OVERVIEW The Senior Technical Services Engineer is a high-level technical role responsible for overseeing the support and upgrade activities of mission-critical eDiscove...Show more
Join Kellanova as a Lead IT Engineer - Cybersecurity! Bring your expertise in cloud and application security to a dynamic, fast-paced environment where innovation meets impact.You'll collaborate wi...Show more
We're on a path to becoming the best airline in aviation history.Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in cyber safety, security and resilience.United's CDR t...Show more
SRE is part of a global organization that leverages the latest technology to communicate with our colleagues across the globe.
We organize ourselves into distributed teams SRE teams are anchored ...Show more
We are looking for a Senior Site Reliability Engineer (SRE) with deep experience in AWS infrastructure, automation, observability, and production support.
As an SRE, you will ensure our cloud-native...Show more
GAI Consultants is seeking a Protection & Controls Technical Manager 2 with Relay Settings experience.This position will perform protection and controls design, provide technical guidance, design r...Show more
Systems Engineer (Teams Voice) Location : Remote Duration : 3-6 months Responsibilities : Design, implement, and manage Teams Voice.
Manage and maintain Teams Voice and other cloud voice platform...Show more GAI Consultants is seeking a Substation and / or Protection & Controls Engineer 3 for substation-related work.This position will perform substation and protection and controls design, technical guida...Show more 
Looking for an opportunity to make an impact?.Everything we do is built on a commitment to do the right thing for our customers, our people, and our community.
Our Mission, Vision, and Values guide ...Show more
Join Kellanova as a Lead IT Engineer - Cybersecurity! Bring your expertise in cloud and application security to a dynamic, fast-paced environment where innovation meets impact.You'll collaborate wi...Show more
Customs and Border Protection Officer (CBPO).Customs and Border Protection (CBP) offers those interested in a career in law enforcement an exceptional opportunity to work with an elite team of high...Show more
Companys Cyber Security Program Office (CSPO) promotes the safe and secure use of technology.The CSPO serves Company by providing a variety of cybersecurity services including consultation, protect...Show more
As the nation's largest producer of clean, carbon-free energy, Constellation is focused on our purpose : accelerating the transition to a carbon-free future.
We have been the leader in clean ener...Show more
Job Title : Firewall Engineer Location : Evanston, IL 60201 / Remote &...Show more GAI is seeking a highly skilled and experienced.Lead Substation Protection & Control Engineer.This role will serve as a technical leader within the engineering team, ensuring that all protection an...Show more 
Senior Site Reliability Engineer.Founded in 2014, we offer the industrys first and only cloud-based, fully-customizable, end-to-end software solution to automate securities-based lending from origi...Show more
CCI), a privately held and internationally recognized engineering and consulting firm, is seeking motivated and talented individuals to join its expanding Chicago, IL office.Founded in 1973, CCI is...Show more
Lead Cybersecurity Engineer; HP NonStop Systems.In this key technical Lead Cybersecurity role, you'll be responsible for the overall security architecture, design, and configuration of the PULSE HP...Show more
Senior eDiscovery Technical Services Engineer
GeorgeJon • Chicago, IL, US
Full-time
Quick Apply
Last updated: 30+ days ago
Lead IT Engineer - Cybersecurity
Kellanova Co. • Naperville, IL, United States
Part-time +1
Last updated: 15 days ago • Promoted
Senior Engineer - Cybersecurity Operations & Engineering
United Airlines • Chicago, IL, United States
Full-time
Last updated: 30+ days ago • Promoted
Site Reliability Engineer
iManage • Chicago, IL, US
Full-time
Quick Apply
Last updated: 30+ days ago
Sr. DevOps / Site Reliability Engineer
Sputnik Solutions Inc • Chicago, IL, us
Full-time
Quick Apply
Last updated: 12 days ago
Technical Substation P&C Manager 2
GAI Consultants Inc. • Lisle, IL, United States
Full-time
Last updated: 30+ days ago • Promoted
Systems Engineer (Teams Voice)
Serigor Inc. • Deerfield, IL, US
Full-time
Quick Apply
Last updated: 30+ days ago
Engineer 3 (P&C / Substation)
GAI Consultants Inc. • Lisle, IL, United States
Full-time
Last updated: 30+ days ago • Promoted
Senior Substation Protection and Control Engineer
Leidos Inc • Chicago, IL, United States
Full-time
Last updated: 30+ days ago • Promoted
Lead IT Engineer - Cybersecurity
Kellanova • Naperville, IL, United States
Part-time +1
Last updated: 15 days ago • Promoted
Customs and Border Protection Officer - Experienced
U.S. Customs and Border Protection • Highland Park, IL, United States
Full-time
Last updated: 30+ days ago • Promoted
Vulnerability Analyst
Delan Associates Inc • Lemont, IL, United States
Full-time
Last updated: 1 day ago • Promoted
Engineer, Site Risk Management - Midwest
Constellation Energy • Lockport, IL, US
Full-time
Last updated: 22 days ago • Promoted
Firewall Engineer
Noblesoft Technologies • Evanston, IL, United States
Full-time
Quick Apply
Last updated: 8 days ago
Lead Substation Protection & Control Engineer
GAI Consultants Inc. • Lisle, IL, United States
Full-time
Last updated: 30+ days ago • Promoted
Senior Site Reliability Engineer
Supernova Companies • Chicago, Illinois, United States, 60601
Full-time
Last updated: 30+ days ago
Fire Protection and Life Safety Engineer - Chicago, IL
Code Consultants • Woodridge, IL, USA
Full-time
Quick Apply
Last updated: 30+ days ago
Lead Cybersecurity Engineer; HP NonStop Systems
Capital One • Chicago, IL, United States
Full-time +1
Last updated: 4 days ago • Promoted