Security Engineer - Threat & Vulnerability Management
Machinify - Healthcare Intelligence
Remote - US | Full-Time | Middle
Salary: 90000 - 120000 USD per year
Job Details
- Experience: 3+ years
- Required Skills: AWS, Python, Bash, Azure, HIPAA
Requirements
- Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent work experience
- 3+ years of experience in information security in a hands-on role such as SOC analyst, security analyst, or similar
- Familiarity with EDR or endpoint security platforms; experience with CrowdStrike Falcon is a plus but not required
- Exposure to vulnerability scanning concepts and tools, even if not as a primary job function
- Basic understanding of SOAR or security automation concepts; direct platform experience is a plus but not required
- Working knowledge of common attack techniques, the MITRE ATT&CK framework, and alert triage decision-making
- Foundational understanding of cloud environments (AWS or Azure), networking, and operating systems
- Scripting or development aptitude (Python, Bash, or PowerShell) sufficient to support automation and workflow tasks
- Strong analytical and problem-solving skills with the ability to communicate findings clearly across technical and non-technical audiences
- Security certifications such as CompTIA Security+, CySA+, or equivalent (preferred)
- Experience with a SOAR platform in any capacity, including alert workflow design or playbook development (preferred)
- Hands-on experience with enterprise vulnerability scanners (Tenable, Qualys, Rapid7, or similar) (preferred)
- Familiarity with SIEM platforms and basic query writing for alert investigation (preferred)
- Knowledge of healthcare compliance requirements (HIPAA, HITRUST) (preferred)
- Experience working across multiple environments or teams in a complex organization (preferred)
Responsibilities
- Run and maintain vulnerability scans across cloud and on-premises environments using enterprise scanning tools
- Track vulnerabilities through the remediation lifecycle: triage, assignment, follow-up, and closure verification
- Help coordinate penetration testing engagements, including scheduling, scoping support, and tracking findings to remediation
- Assist with attack surface management activities including asset inventory maintenance and external exposure monitoring
- Produce vulnerability reports and metrics for security leadership and engineering stakeholders
- Work with infrastructure and cloud engineering teams to communicate and prioritize remediation
- Maintain documentation for exceptions, risk acceptances, and remediation SLA tracking
- Manage and triage CrowdStrike Falcon alerts, driving escalation and response coordination with the SOC
- Support and improve Red Canary SOAR automations, including updating playbooks and alert enrichment workflows
- Develop and tune detection use cases to improve alert fidelity and reduce false positives
- Document runbooks and escalation procedures for detections managed through this role
- Collaborate with SOC analysts to identify detection gaps and translate feedback into platform improvements
- Support threat hunting activities and security incident response as needed
- Help evaluate and onboard new log sources and detection data feeds to expand SOC coverage