CrawlJobs Logo

Vulnerability Management Engineer

quzara.com Logo

Quzara

Location Icon

Location:
United States

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Vulnerability Management Engineer (FedRAMP & Pen Test Support) is responsible for delivering and scaling Quzara’s Authorized Vulnerability Management Services while providing technical enablement for high-impact penetration testing efforts supporting federal and regulated customers. This role owns the end-to-end vulnerability management lifecycle, including scanner configuration, continuous monitoring execution, remediation coordination, and tool maintenance. The position requires hands-on expertise with enterprise vulnerability scanning platforms and penetration testing toolchains, as well as a deep understanding of FedRAMP Continuous Monitoring (ConMon) and NIST 800-53 requirements. The ideal candidate is a practitioner who can operate independently in regulated environments, maintain audit-ready tooling, and translate scan output into actionable remediation guidance.

Job Responsibility:

  • Install, configure, maintain, and patch penetration testing toolsets (e.g., Burp Suite Pro, Metasploit, Kali Linux) for use in federal and regulated engagements
  • Execute and manage monthly FedRAMP Continuous Monitoring (ConMon) activities, including vulnerability scanning, deviation analysis, and POA&M generation
  • Configure, optimize, and maintain Tenable.io / Nessus scanners and web application scanning (WAS) tools to ensure accurate and comprehensive asset coverage
  • Own the health, licensing, patching, and lifecycle management of all vulnerability management and penetration testing tools to ensure continuous audit readiness
  • Analyze scan results and collaborate with Site Reliability Engineers (SREs), infrastructure teams, and application owners to drive timely remediation
  • Interpret vulnerability data across Windows, Linux, database, container, and web application assets and provide remediation guidance aligned with federal baselines
  • Support penetration testing preparation and execution by ensuring testing environments, tools, and configurations are compliant and operational
  • Provide vulnerability evidence, scan reports, and remediation documentation to support FedRAMP, FISMA, and third-party assessment activities
  • Continuously improve vulnerability management processes, scan coverage, and reporting accuracy across Quzara environments

Requirements:

  • 4+ years of experience in Vulnerability Management or Penetration Testing support within FedRAMP or Federal environments
  • Expert-level proficiency with Tenable.io / Nessus, including scanner deployment, policy tuning, and result interpretation
  • Hands-on experience maintaining and operating penetration testing platforms (e.g., Kali Linux, Burp Suite, Metasploit)
  • Strong working knowledge of NIST SP 800-53 control requirements and FedRAMP Continuous Monitoring processes
  • Experience translating vulnerability findings into POA&Ms, remediation plans, and audit-ready documentation
  • Ability to collaborate cross-functionally with infrastructure, SRE, DevSecOps, and compliance teams
  • Must be a U.S. Citizen and eligible to support federal contracting environments

Nice to have:

  • Tenable Certified Nessus Expert
  • One or more of the following: Certified Ethical Hacker (CEH)
  • CompTIA PenTest+
  • Certified Information Systems Security Professional (CISSP)

Additional Information:

Job Posted:
January 04, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Quzara - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Vulnerability Management Engineer

Senior Backend Engineer (Golang) Security & Vulnerability Management

Endor Labs is on a mission to enhance developer productivity and accelerate open...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.endorlabs.com Logo
Endor Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in engineering with 6-8 years of experience building scalable backends for product/SaaS companies
  • At least 3-years experience in Golang programming with a focus on microservices/distributed architecture
  • Triaging, prioritizing and resolving vulnerabilities reported for containers and application-level dependencies, as well as solid knowledge of common standards in this space, e.g., CVE, CVSS, OVAL or PURL
  • Using two or more package managers of different ecosystems (e.g., Java/Maven, Node.js/npm or Debian/APT) for pulling and publishing artifacts, esp. in combination with company-internal registries, plus an understanding of their respective dependency specification formats, resolution algorithms and versioning conventions/formats
  • Practical experience in designing APIs with one or more frameworks (gRPC [preferred], ReST, GraphQL, Thrift, etc.)
  • Ability to build and design technical solutions from scratch and your code and documentation can be used as an example for coding best practices at Endor
  • Scalable Distributed System Experience - understand micro-services and domain-driven design, load balancing, horizontal/vertical scaling, and stateless architectures
  • Architecture - knowledge of data structures and a keen eye for building architectures that scale and extend easily for longevity
  • Apply data-driven techniques to evaluate and propose architectural choices
  • Ability to discuss tradeoffs between architecture’s choice to influence groups to move in the right direction
Job Responsibility
Job Responsibility
  • Architect and build the core backend infrastructure for SaaS products
  • Design, architect, and build features end-to-end while working closely with Product Management and the engineering team
  • Ensure scalability, reliability, and performance of systems
  • Drive innovation, make critical architectural decisions, and lead the implementation of cutting-edge technologies
  • Troubleshoot distributed systems and solve root causes.
  • Fulltime
Read More
Arrow Right

Vulnerability Management Technical Lead

The role includes managing and optimizing vulnerability management workflows usi...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4 to 8 years of experience
  • engineering graduate - preferably B.E./B.Tech in IT or Computer Engineering
  • strong analytical skills
  • experience with security information and event management (SIEM) tools
  • ~5 years of experience in information security, specifically in end-to-end vulnerability management with 2-3 years hands-on Rapid7 experience
  • advanced degrees or certifications preferred
  • knowledge of current cybersecurity trends, threats, and techniques
  • understanding of regulatory requirements
  • ability to work independently and collaboratively
  • good interpersonal and communication skills
Job Responsibility
Job Responsibility
  • ensure that Rapid7 is fully and effectively implemented
  • assist with design, implementation, and optimization of automated tagging workflows
  • build and refine InsightVM dashboards and reports for insights
  • integrate Rapid7 with external systems for accurate asset context and automated remediation ticket creation
  • collaborate with IT teams to reduce false positives and orphaned assets
  • implement and support scan scheduling and tuning
  • assist in risk acceptance workflows
  • troubleshoot scan and synchronization issues
  • drive process improvements in vulnerability management workflow
  • deliver security reports and presentations
What we offer
What we offer
  • inclusive and respectful work environment
  • positions open to people with disabilities
  • Fulltime
Read More
Arrow Right

Engineering Manager

As the Engineering Manager for Checkout & Payments (m/f/d), you'll play a vital ...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
cherry.vc Logo
Cherry Ventures
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • People leadership experience: Demonstrated experience building psychological safety, coaching engineers, and providing direct, compassionate feedback
  • You have a track record of hiring, developing, and retaining high-performing engineering teams
  • Payments domain expertise: Direct experience building or leading teams that operate payment systems at scale
  • You understand payment provider integrations, transaction reliability, idempotency patterns, and the complexities of processing payments across different methods and markets
  • Strong technical foundation: Solid knowledge of backend systems, microservices architecture, and building for scale
  • You can engage meaningfully in architectural discussions and guide your team toward quality trade-offs
  • Reliability mindset: Experience running high-reliability services with SLIs/SLOs, observability, and incident management practices
  • Communication skills: Ability to translate complex technical challenges into clear business impact for diverse stakeholders
Job Responsibility
Job Responsibility
  • Lead & Grow Engineers: Build a high-trust environment where engineers thrive and take ownership
  • You own end-to-end hiring, onboarding, and performance management, accountable for building and continuously improving how we attract talent
  • Ensure every team member has a clear career path and receives regular, actionable feedback
  • Help your team get 1% better every day
  • Drive Product & Business Impact: Partner with Product, Design, and Analytics to shape initiatives that directly impact Flink's revenue and customer experience
  • You'll work on challenges like increasing our Payment Success Rate, enabling customers to shop seamlessly across multiple devices, building internal tools that enable self-service for the products we build, and protecting our customers through fraud prevention initiatives
  • Own Critical Systems: Your team owns the systems that power the checkout experience, process payments, set prices, apply promotions, and present delivery options to customers (partnering with our dispatching teams to surface what's possible)
  • Guide Technical Direction: Shape the technology strategy for Checkout & Payments
  • Ensure your team makes the right technical decisions to deliver high-quality solutions reliably and repeatedly
  • You'll be included in architectural discussions, RFCs, and trade-off decisions, championing reliability, observability, and pragmatic engineering
What we offer
What we offer
  • A €1000 annual L&D budget as well as individual coaching options to ensure you have plenty of opportunities to learn, grow and achieve your goals
  • 26 days of vacation, +1 day every year up to a maximum of 30 days
  • A mobility budget of 35 EUR per month for Deutschland Ticket subsidy
  • A cool discount on your Urban Sports Club membership
  • Attractive company pension options
  • Unlimited access to an e-learning and development platform, MyAcademy, including online German courses
  • Online discounts with Corporate Benefits and Future Bens
  • A cool discount off your personal Flink orders
  • be the first to test out new products!
  • A modern and dog-friendly office in the heart of Berlin - lots of delicious lunch spots available within short walking distance
  • Fulltime
Read More
Arrow Right

Security Engineering Manager

Corporate Tools is looking for a Security Engineering Manager who eats vulnerabi...
Location
Location
Salary
Salary:
185000.00 USD / Year
corporatetools.com Logo
Corporate Tools
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Computer Science or equivalent experience
  • 5+ years building and securing software — hands‑on experience with web frameworks (Rails, Django, Node, etc.) and modern architectures
  • Proven application security expertise: secure SDLC, OWASP, threat modeling, exploit mitigation, and vulnerability remediation
  • Experience leading security or engineering teams — setting strategy, running scrums, conducting reviews, and mentoring talent
  • Strong knowledge of cloud environments (AWS, Azure, GCP) and securing databases (SQL/NoSQL) in production
  • Exposure to offensive and defensive security practices — red team, blue team, or incident response experience a plus
  • Ability to communicate risk and solutions to execs, engineers, and auditors — respected by hackers and trusted by leadership
  • Pragmatic mindset: knows when to enable speed, when to block, and how to automate guardrails to keep teams fast and safe
Job Responsibility
Job Responsibility
  • Lead 6 security engineers across three specialized teams: Red (offense), Blue (defense), and Orange (compliance)
  • Own the security strategy and execution for offensive testing, defensive monitoring, and compliance work — ensuring all three disciplines are aligned
  • Act as the technical anchor for the teams: review code, guide exploits, drive secure architecture decisions, and mentor engineers
  • Partner with product and engineering leads to embed security into development (threat modeling, secure coding, CI/CD guardrails)
  • Build internal security tools and automation that make it easier for product teams to ship securely
  • Oversee red team engagements and turn findings into actionable fixes, not just reports
  • Manage defensive capabilities — incident response, detection engineering, monitoring — and continually improve them
  • Ensure compliance frameworks (SOC2, ISO, PCI, etc.) are met without slowing innovation or creating unnecessary bureaucracy
  • Set a high technical bar: coach, mentor, and challenge engineers to pursue elegant, practical security solutions
  • Balance being a builder and a leader: stay hands‑on enough to earn respect from hackers, but prioritize leading and scaling the team’s impact
What we offer
What we offer
  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • The 4 holidays are: New Year’s Day, Fourth of July, Thanksgiving, and Christmas Day
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance
  • Use to make your remote work set up more comfortable, for continuing education classes, a plant for your desk, coffee for your coworker, a massage for yourself... really, whatever
  • Open concept office with friendly coworkers
Read More
Arrow Right

Engineering Manager, Platform

We are looking for an engineering manager to help us scale, improve organisation...
Location
Location
Salary
Salary:
Not provided
airalo.com Logo
Airalo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of hands-on technical experience in cloud-native environments, specifically with distributed systems and platform development
  • Minimum 2 years of experience in directly leading and managing platform, DevOps, or SRE teams
  • Expertise in designing, building, refactoring, and operating distributed systems and scalable cloud infrastructure at scale
  • Expertise in event-driven architecture and various Messaging systems (e.g., Kafka, SQS, RabbitMQ, Pub/Sub)
  • Strong knowledge of both relational (SQL) and NoSQL database technologies and their operational considerations in cloud environments
  • Extensive hands-on experience and deep understanding of core AWS services (e.g., EC2, EKS, Lambda, SQS, Security Groups, IAM, Aurora, DynamoDB, S3, RDS, CloudWatch, CloudTrail)
  • Proven expertise with Infrastructure as Code (e.g., Terraform, CloudFormation)
  • Strong experience with containerisation technologies (Docker) and orchestration platforms (Kubernetes), including Helm and related ecosystem tools
  • Extensive experience with modern monitoring, logging, and observability platforms (e.g., Datadog, Prometheus, Grafana, ELK Stack, Jaeger/OpenTelemetry)
  • Strong familiarity with DevSecOps practices and the implementation of automated security tooling throughout the CI/CD pipeline (e.g., SAST, DAST, secret management, vulnerability scanning)
Job Responsibility
Job Responsibility
  • Lead the strategy, architecture, and execution of our core platform technologies
  • Extend and improve engineering best practices across the organisation
  • Maintain and improve a collaborative environment, acting as a key bridge between application development teams and the platform team
  • Motivate and instil a strong sense of ownership in your team for the end-to-end lifecycle, stability, scalability, and performance of our core platform services
  • Mentor and guide the professional and technical development of your team members
  • Ensures that the team delivers high quality products and solutions by following the best practices
  • Build and scale teams that are collaborative, inclusive, and respectful of each other
  • Provide continuous, actionable feedback, address underperformance proactively, and recognise the individual strengths and contributions of your team members
  • Work closely with engineers and collaborate with key stakeholders to define, maintain a prioritised backlog, and establish clear short-term and long-term goals for the platform roadmap
  • Own your team’s deliverables and ensure the continuous delivery of scalable, highly-available, and cost-efficient platform services and infrastructure
What we offer
What we offer
  • Health Insurance
  • work-from-anywhere stipend
  • annual wellness & learning credits
  • annual all-expenses-paid company retreat in a gorgeous destination
  • Fulltime
Read More
Arrow Right

Cyber Security Engineer

Cyber Security Engineer position at Sopra Steria, a major Tech player in Europe ...
Location
Location
India , Noida
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Governance - Security Operational Tasks support & governance. Compliance and Risk Management
  • Vulnerability Management - vulnerability (infra and app) scans and remediation plans
  • SMP (Security Management Plan) - preparing, reviewing and managing
  • Authorisation management - should have managed the accounts & controls in the Infra scope
  • Security Patch management - end-to-end coordination and implementation
  • Security product management - Antivirus Management, like TrendMicro, Defender, etc...
  • Security incident management - Managing the end-to-end security incident lifecycle with corrective measures
  • Audit support - support auditors' mandate on the security system and artefacts
  • Mitigation - thinking analytically and executing efficiently. Analyse and optimise orchestration and automation between security tools
  • Vendor Management, Collaboration, Facilitation - Excellent customer-facing skills and significant experience building strong client relationships
What we offer
What we offer
  • Commitment to fighting against all forms of discrimination
  • Inclusive and respectful work environment
  • Open to people with disabilities
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

We are seeking a Senior Vulnerability Management Engineer to lead and enhance ou...
Location
Location
Philippines , Makati City
Salary
Salary:
Not provided
avaloq.com Logo
Avaloq
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive hands-on experience with Tenable (Tenable.io, Tenable.sc, Nessus Manager)
  • Deep technical expertise in vulnerability detection, authenticated scan engineering, and hybrid infrastructure scanning
  • Strong knowledge of networks, Windows/Linux, VMware, cloud platforms (AWS and OCI), and container ecosystems
  • Scripting and automation skills (Python, PowerShell, REST APIs)
  • Solid understanding of security frameworks: CIS Benchmarks, ISO 27001, SWIFT CSCF, CSA CCM
  • Experience in FINMA, MAS and DORA regulated financial environments (banks, insurers, securities firms)
  • Ability to communicate technical risk clearly to both engineers and senior management
  • Certifications: OCI Security Professional, Tenable Certified Engineer, CISSP
Job Responsibility
Job Responsibility
  • Lead engineering, architecture, and advanced configuration of Tenable.io / Tenable.sc / Nessus across hybrid infrastructures
  • Oversee authenticated scanning across servers, cloud workloads, network appliances, databases, and container platforms
  • Integrate Tenable with enterprise systems (CMDB, SIEM, ITSM) using APIs and scripting (Python/PowerShell)
  • Engineer cloud vulnerability coverage via connectors, agents, and container registry scans
  • Enhance detection accuracy through custom plugins, scan policy tuning, and automation pipelines
  • Provide technical leadership and guidance to remediation teams, ensuring adherence to CIS/NIST/SWIFT/ISO standards
  • Produce regulator-ready metrics, dashboards, and audit evidence for FINMA and MAS reviews
  • Contribute to security architecture, hardening initiatives, and continuous improvement of the vulnerability management program
What we offer
What we offer
  • Annual bonus
  • Flexible working
  • Instant recognition
  • Access to Udemy for professional and personal learning
  • Fulltime
Read More
Arrow Right

Cloud Cybersecurity Engineer

This role will be focused on helping to prevent and protect Fever from security ...
Location
Location
Spain , Madrid
Salary
Salary:
Not provided
https://feverup.com/fe Logo
Fever
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on expertise in vulnerability management for cloud environments, containers, and applications
  • Proficiency in scripting for automation and security operations (Python, Go or similar)
  • Strong experience with AWS cloud infrastructure security including configurations, networking, Identities, etc.
  • Deep understanding of cloud security frameworks, best practices and secure architecture principles
  • Ability to analyze security threats and implement proactive defense mechanisms
  • Strong analytical and problem-solving skills
  • Ability to work cross-functionally to drive security initiatives
  • 4+ years of experience in cloud security and/or cybersecurity roles
  • Bachelor or Master’s Degree in Computer Science, Information Security, or another similar relevant degree (or equivalent experience in a technical security role)
  • Fluent in english
Job Responsibility
Job Responsibility
  • Manage and improve the vulnerability management process for cloud environments including containers, hosts and applications
  • Conduct regular security assessments to identify vulnerabilities and misconfigurations in the AWS ecosystem
  • Enforce AWS security best practices, including secure configurations, architecture and processes
  • Perform risk assessments based on cloud architecture best practices to provide technical security expertise to stakeholders in implementing secure solutions
  • Develop and deploy automated security solutions to improve vulnerability reporting, tracking and remediation processes
  • Collaborate with DevOps and engineering teams to integrate security best practices into cloud environments
  • Monitor performance of vulnerability management, secure configuration and architecture implementations
What we offer
What we offer
  • Opportunity to have a real impact in a high-growth global category leader
  • 40% discount on all Fever events and experiences
  • Position based in Madrid, home office friendly
  • Relocation package for international candidates
  • Responsibility from day one and professional and personal growth
  • Great work environment with a young, international team of talented people to work with
  • Health insurance and other benefits such as Flexible remuneration with a 100% tax exemption through Cobee
  • English Lessons
  • Gympass Membership
  • Possibility to receive in advance part of your salary by Payflow
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy