Experienced Information Security Engineer

New

US, United StatesFull-TimeSenior

Salary95,100 - 135,800 USD per year

Apply NowOpens the employer's application page

Job Details

Proven experience in information security or vulnerability management within enterprise environments.
Strong hands-on experience with vulnerability scanning tools such as Tenable, Qualys, or Rapid7.
Solid understanding of authenticated scanning, agent-based vs network scanning, and network segmentation challenges.
Knowledge of cloud security posture management (CSPM) and security in cloud environments.
Strong technical understanding of operating systems (Windows, Linux, macOS), databases, and networking fundamentals.
Familiarity with security frameworks and standards such as CVE, CVSS, MITRE ATT&CK, FISMA, and CISA guidelines.
Strong analytical skills with the ability to perform root cause analysis and interpret complex security data.
Experience developing security reports, dashboards, and automation scripts (Python, PowerShell preferred).
Excellent communication skills with the ability to translate technical risks for both technical and non-technical stakeholders.
Demonstrated leadership ability and experience mentoring or guiding junior team members is a plus.

Perform vulnerability scanning and analysis across multi-platform environments, including cloud, applications, databases, endpoints, and operating systems.
Identify, assess, and prioritize security risks using CVE, CVSS, and threat intelligence frameworks such as MITRE ATT&CK.
Develop and maintain vulnerability management policies, dashboards, reports, and automated alerts using scripting tools such as Python and PowerShell.
Drive remediation efforts across enterprise environments, ensuring timely resolution of vulnerabilities and security weaknesses.
Collaborate with IT Operations, SOC, GRC, vendors, and leadership to align vulnerability management with enterprise security strategy and compliance requirements.
Monitor emerging threats and vulnerabilities from sources such as NVD and CISA, providing proactive risk guidance and recommendations.
Design, test, and support security infrastructure including firewalls, intrusion detection systems, and endpoint protection tools.
Oversee access management processes, ensuring secure authentication, authorization, and password lifecycle controls.
Evaluate and implement security tools, technologies, and architecture improvements to enhance organizational defense capabilities.
Provide technical leadership, mentorship, and guidance to less experienced security team members.

View Full Description & ApplyYou'll be redirected to the employer's site