Pay Rate Range : $65.00 - $71.83 / hr on W2
Schedule - 8 to 5P CST Hybrid
Monday, Wednesday and Thursday onsite; Tuesday and Friday remote.
Position Overview
- We are seeking an experienced Senior Vulnerability Management Engineer to support the organization's vulnerability management program and strengthen our overall security posture.
- The successful candidate will be responsible for configuring the platforms and identifying, assessing, prioritizing and coordinating the remediation of security vulnerabilities across our enterprise infrastructure.
- Expertise with vulnerability management platforms such as Nucleus Security, Rapid7 InsightVM, Microsoft Defender, SentinelOne, ServiceNow, BitSight, or similar solutions is essential.
- This role requires collaboration with cross-functional teams to effectively reduce risk exposure.
Core Qualifications
- Vulnerability Management Experience : Minimum of five years' experience managing vulnerabilities within complex IT environments (cloud, on-premises, hybrid). Comprehensive knowledge of operating systems (Windows, Linux, Unix), networking protocols, cloud platforms (AWS, Azure, GCP). Familiarity with web application vulnerabilities (OWASP Top 10) and application security testing.
- Proficiency with Security Tools : Advanced expertise in leading vulnerability management and security platforms, such as Nucleus Security, Rapid7 InsightVM, Microsoft Defender for Endpoint, ServiceNow, BitSight, or equivalent.
- Executive Reporting : Ability to prepare and deliver clear, actionable reports for executive audiences, translating technical findings into business risks and impacts.
- Compliance & Risk Management : Strong understanding of regulatory frameworks and experience implementing controls to meet compliance requirements.
- Process Improvement & Automation : Demonstrated skill in designing, optimizing, and implementing automated workflows for vulnerability tracking, reporting, and remediation.
- Analytical Thinking : Exceptional attention to detail, with a track record of leveraging data analysis to drive security decisions and process improvements.
- Communication & Collaboration : Excellent verbal and written communication skills; ability to engage stakeholders at all levels and facilitate training or awareness initiatives as needed.
Preferred Skills
- Cloud Security Expertise : Familiarity with cloud security best practices and emerging threats.
- Project Management : Experience managing complex security projects, including tool migrations, integrations, and process enhancements.
- Certifications : Relevant industry certifications (e.g., CompTIA Security+, CISSP, CISM, or equivalent) are desirable.
- Regex (Regular Expressions) : Experience using Regex for building automation rules, data parsing, and workflow customization within vulnerability management platforms.
- SQL : Basic understanding of SQL for querying, analyzing, and manipulating data as part of reporting or automation tasks.
- Purdue Network Model : Familiarity with the Purdue Enterprise Reference Architecture (PERA) or Purdue Model for Industrial Control System (ICS) network segmentation and security.
- Problem-Solving : Creative approach to addressing complex security challenges.
- Attention to Detail : Precise identification and documentation of security vulnerabilities.
- Security Operations : Active participation in incident response activities during exploitation events and coordination with threat intelligence teams to monitor emerging vulnerabilities and threats.
- Continuous Learning : Commitment to staying current with evolving threat landscapes and security technologies.
Education
Bachelor's Degree, Computer Science, or Information Technology. Relevant experience in lieu of degree might be considered.