
Posted 3 hours ago
Vulnerability Management Engineer
WorkstreetVulnerability Management Engineer
Requirements
Tenable/Nessus, Qualys, Rapid7 InsightVM, Vanta, CVSS, EPSS, AWS, Azure, GCP, SOC 2, ISO 27001, HIPAA
Skills
TenableQualysAWSAzureGCP
About the role
Responsibilities
- Orchestrate vulnerability scanning infrastructure by configuring and maintaining scan policies and asset groups using platforms like Tenable, Qualys, or Rapid7.
- Execute threat analysis and risk prioritization using CVSS and EPSS to isolate and target high-consequence threats.
- Drive collaborative remediation by partnering with client IT and DevOps teams to deploy patches directly within AWS, Azure, and GCP environments.
- Manage exceptions and audit compliance by mapping patching data to regulatory frameworks such as SOC 2, ISO 27001, and HIPAA.
- Act as a strategic security advisor for a portfolio of fast-growth startups, delivering technical risk assessments and executive summaries.
Requirements
- Proven experience as a vulnerability engineer using enterprise platforms (Tenable/Nessus, Qualys, Rapid7 InsightVM, or Vanta).
- Deep understanding of risk scoring architectures, including CVSS base scores and EPSS exploit indices.
- Experience auditing infrastructure posture across multi-cloud environments (AWS, Azure, and GCP).
- Ability to align scanning protocols with GRC frameworks like SOC 2, ISO 27001, HIPAA, or CMMC.
- Strong technical communication skills to engage with founders and engineering executives.
- Ability to work 8:00 AM–5:00 PM US Eastern Time (ET).
Preferred Qualifications
- Experience managing full-lifecycle patch deployment pipelines within an MSP or consulting environment.
- Professional cybersecurity certifications such as CompTIA Security+, CEH, or GIAC GEVA.
- Advanced knowledge of the CVE lifecycle and National Vulnerability Database (NVD) registries.
Benefits
- Competitive base salary with merit-based bonus opportunities.
- Remote-first culture with the flexibility to work from anywhere.
- Clear career development paths with mentorship and technical training.
- Significant growth opportunities within an early-stage company.
About the Company
Workstreet helps businesses scale securely by designing and implementing cutting-edge security and compliance programs. We specialize in GRC services that support frameworks across SOC 2, ISO 27001, GDPR, and NIST, empowering companies to enhance their cybersecurity posture from day one.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeVulnerability Management Engineer
Workstreet · Philippines
