Vulnerability Management Engineer

Who we are :

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a "work hard, play hard" mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.

The Perks :

As recognized members of the Cyber Elite, we work together in partnership to defend our nation's critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered : 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we're looking for :

We are seeking a Vulnerability Management Engineer to support vulnerability management and remediation efforts in a complex cybersecurity environment. The ideal candidate will have strong technical skills, experience with vulnerability disclosure platforms and expertise in vulnerability scanning and remediation. The Vulnerability Management Engineer will provide technical support, generate reports and recommend improvements to the vulnerability management (VM) program. This is a unique opportunity to contribute to the growth and culture of a fast-growing company in the cybersecurity market.

What you'll be doing :

• Develop and maintain Standard Operating Procedures (SOPs), playbooks and process documents related to vulnerability management.
• Use the Microsoft Office Suite to generate reports and presentations for internal and external stakeholders.
• Perform scheduled vulnerability scans across production, disaster recovery and test / development environments, as well as ad-hoc scans to support troubleshooting.
• Support the verification, remediation and closure of vulnerabilities, ensuring timely resolution.
• Manage and secure cloud environments, including SaaS platforms like Azure and Oracle, as well as Infrastructure as a Service (IaaS) environment.
• Administer and manage vulnerability scanning tools (e.g., Tenable Nessus, DBProtect, WebInspect, Acunetix) and automate the integration of scan results into ServiceNow.
• Troubleshoot scanning issues and agent failures with system administrators to improve scan coverage and accuracy.
• Utilize ServiceNow GRC, Security Operations (SecOps) and the Vulnerability Response Module for effective vulnerability management.
• Automate processes to correlate scan results with asset data, create analytics and develop dashboards for reporting.
• Design, customize and maintain dashboards in Tenable.sc and ServiceNow to provide actionable insights on vulnerability trends, compliance metrics and remediation progress.
• Ensure successful deployment and maintenance of updated audit files and feeds in Tenable.sc to support accurate scanning.
• Generate and deliver recurring vulnerability reports by tool / platform (e.g. Tenable.sc, WebInspect, DbProtect) for ISSOs and other stakeholders.
• Validate and document false positives, collecting artifacts and evidence to ensure accurate risk assessment and reporting.
• Collaborate with ISSOs, system engineers and administrators to review findings, strategize remediation and confirm resolution of vulnerabilities.
• Collaborate with the Incident Response (IR) team to support vulnerability-related incidents during business hours.

What you need to know :

Must have's :

Where it's done :