Vulnerability Management Engineer

Quzara

Location:
United States

Contract Type:
Not provided

Salary:

Not provided

Job Description:

The Vulnerability Management Engineer (FedRAMP & Pen Test Support) is responsible for delivering and scaling Quzara’s Authorized Vulnerability Management Services while providing technical enablement for high-impact penetration testing efforts supporting federal and regulated customers. This role owns the end-to-end vulnerability management lifecycle, including scanner configuration, continuous monitoring execution, remediation coordination, and tool maintenance. The position requires hands-on expertise with enterprise vulnerability scanning platforms and penetration testing toolchains, as well as a deep understanding of FedRAMP Continuous Monitoring (ConMon) and NIST 800-53 requirements. The ideal candidate is a practitioner who can operate independently in regulated environments, maintain audit-ready tooling, and translate scan output into actionable remediation guidance.

Job Responsibility:

  • Install, configure, maintain, and patch penetration testing toolsets (e.g., Burp Suite Pro, Metasploit, Kali Linux) for use in federal and regulated engagements
  • Execute and manage monthly FedRAMP Continuous Monitoring (ConMon) activities, including vulnerability scanning, deviation analysis, and POA&M generation
  • Configure, optimize, and maintain Tenable.io / Nessus scanners and web application scanning (WAS) tools to ensure accurate and comprehensive asset coverage
  • Own the health, licensing, patching, and lifecycle management of all vulnerability management and penetration testing tools to ensure continuous audit readiness
  • Analyze scan results and collaborate with Site Reliability Engineers (SREs), infrastructure teams, and application owners to drive timely remediation
  • Interpret vulnerability data across Windows, Linux, database, container, and web application assets and provide remediation guidance aligned with federal baselines
  • Support penetration testing preparation and execution by ensuring testing environments, tools, and configurations are compliant and operational
  • Provide vulnerability evidence, scan reports, and remediation documentation to support FedRAMP, FISMA, and third-party assessment activities
  • Continuously improve vulnerability management processes, scan coverage, and reporting accuracy across Quzara environments

Requirements:

  • 4+ years of experience in Vulnerability Management or Penetration Testing support within FedRAMP or Federal environments
  • Expert-level proficiency with Tenable.io / Nessus, including scanner deployment, policy tuning, and result interpretation
  • Hands-on experience maintaining and operating penetration testing platforms (e.g., Kali Linux, Burp Suite, Metasploit)
  • Strong working knowledge of NIST SP 800-53 control requirements and FedRAMP Continuous Monitoring processes
  • Experience translating vulnerability findings into POA&Ms, remediation plans, and audit-ready documentation
  • Ability to collaborate cross-functionally with infrastructure, SRE, DevSecOps, and compliance teams
  • Must be a U.S. Citizen and eligible to support federal contracting environments

Nice to have:

  • Tenable Certified Nessus Expert
  • One or more of the following: Certified Ethical Hacker (CEH), CompTIA PenTest+, Certified Information Systems Security Professional (CISSP)

Additional Information:

Job Posted:
January 04, 2026

Employment Type:
Fulltime
Work Type:
Remote work

Similar Jobs for Vulnerability Management Engineer

Senior Backend Engineer (Golang) Security & Vulnerability Management

Endor Labs is on a mission to enhance developer productivity and accelerate open...
Location:
India, Bengaluru
Salary:
Not provided
Endor Labs
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in engineering with 6-8 years of experience building scalable backends for product/SaaS companies
  • At least 3 years of experience in Golang programming with a focus on microservices/distributed architecture
  • Triaging, prioritizing and resolving vulnerabilities reported for containers and application-level dependencies, as well as solid knowledge of common standards in this space, e.g., CVE, CVSS, OVAL or PURL
  • Using two or more package managers of different ecosystems (e.g., Java/Maven, Node.js/npm or Debian/APT) for pulling and publishing artifacts, esp. in combination with company-internal registries, plus an understanding of their respective dependency specification formats, resolution algorithms and versioning conventions/formats
  • Practical experience in designing APIs with one or more frameworks (gRPC [preferred], ReST, GraphQL, Thrift, etc.)
  • Ability to design and build technical solutions from scratch, with code and documentation that can be used as an example of coding best practices at Endor
  • Scalable Distributed System Experience - understand micro-services and domain-driven design, load balancing, horizontal/vertical scaling, and stateless architectures
  • Architecture - knowledge of data structures and a keen eye for building architectures that scale and extend easily for longevity
  • Apply data-driven techniques to evaluate and propose architectural choices
  • Ability to discuss tradeoffs between architectural choices and influence groups to move in the right direction
Job Responsibility:
  • Architect and build the core backend infrastructure for SaaS products
  • Design, architect, and build features end-to-end while working closely with Product Management and the engineering team
  • Ensure scalability, reliability, and performance of systems
  • Drive innovation, make critical architectural decisions, and lead the implementation of cutting-edge technologies
  • Troubleshoot distributed systems and solve root causes.
  • Fulltime

Vulnerability Management Technical Lead

The role includes managing and optimizing vulnerability management workflows usi...
Location:
India, Bengaluru
Salary:
Not provided
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • 4 to 8 years of experience
  • engineering graduate - preferably B.E./B.Tech in IT or Computer Engineering
  • strong analytical skills
  • experience with security information and event management (SIEM) tools
  • ~5 years of experience in information security, specifically in end-to-end vulnerability management with 2-3 years hands-on Rapid7 experience
  • advanced degrees or certifications preferred
  • knowledge of current cybersecurity trends, threats, and techniques
  • understanding of regulatory requirements
  • ability to work independently and collaboratively
  • good interpersonal and communication skills
Job Responsibility:
  • ensure that Rapid7 is fully and effectively implemented
  • assist with design, implementation, and optimization of automated tagging workflows
  • build and refine InsightVM dashboards and reports for insights
  • integrate Rapid7 with external systems for accurate asset context and automated remediation ticket creation
  • collaborate with IT teams to reduce false positives and orphaned assets
  • implement and support scan scheduling and tuning
  • assist in risk acceptance workflows
  • troubleshoot scan and synchronization issues
  • drive process improvements in vulnerability management workflow
  • deliver security reports and presentations
What we offer:
  • inclusive and respectful work environment
  • positions open to people with disabilities
  • Fulltime

Engineering Manager

As the Engineering Manager for Checkout & Payments (m/f/d), you'll play a vital ...
Location:
Germany, Berlin
Salary:
Not provided
Cherry Ventures
Expiration Date:
Until further notice
Requirements:
  • People leadership experience: Demonstrated experience building psychological safety, coaching engineers, and providing direct, compassionate feedback
  • You have a track record of hiring, developing, and retaining high-performing engineering teams
  • Payments domain expertise: Direct experience building or leading teams that operate payment systems at scale
  • You understand payment provider integrations, transaction reliability, idempotency patterns, and the complexities of processing payments across different methods and markets
  • Strong technical foundation: Solid knowledge of backend systems, microservices architecture, and building for scale
  • You can engage meaningfully in architectural discussions and guide your team toward quality trade-offs
  • Reliability mindset: Experience running high-reliability services with SLIs/SLOs, observability, and incident management practices
  • Communication skills: Ability to translate complex technical challenges into clear business impact for diverse stakeholders
Job Responsibility:
  • Lead & Grow Engineers: Build a high-trust environment where engineers thrive and take ownership
  • You own end-to-end hiring, onboarding, and performance management, accountable for building and continuously improving how we attract talent
  • Ensure every team member has a clear career path and receives regular, actionable feedback
  • Help your team get 1% better every day
  • Drive Product & Business Impact: Partner with Product, Design, and Analytics to shape initiatives that directly impact Flink's revenue and customer experience
  • You'll work on challenges like increasing our Payment Success Rate, enabling customers to shop seamlessly across multiple devices, building internal tools that enable self-service for the products we build, and protecting our customers through fraud prevention initiatives
  • Own Critical Systems: Your team owns the systems that power the checkout experience, process payments, set prices, apply promotions, and present delivery options to customers (partnering with our dispatching teams to surface what's possible)
  • Guide Technical Direction: Shape the technology strategy for Checkout & Payments
  • Ensure your team makes the right technical decisions to deliver high-quality solutions reliably and repeatedly
  • You'll be included in architectural discussions, RFCs, and trade-off decisions, championing reliability, observability, and pragmatic engineering
What we offer:
  • A €1000 annual L&D budget as well as individual coaching options to ensure you have plenty of opportunities to learn, grow and achieve your goals
  • 26 days of vacation, +1 day every year up to a maximum of 30 days
  • A mobility budget of 35 EUR per month for Deutschland Ticket subsidy
  • A cool discount on your Urban Sports Club membership
  • Attractive company pension options
  • Unlimited access to an e-learning and development platform, MyAcademy, including online German courses
  • Online discounts with Corporate Benefits and Future Bens
  • A cool discount off your personal Flink orders
  • be the first to test out new products!
  • A modern and dog-friendly office in the heart of Berlin - lots of delicious lunch spots available within short walking distance
  • Fulltime

Security Engineering Manager

Corporate Tools is looking for a Security Engineering Manager who eats vulnerabi...
Salary:
185000.00 USD / Year
Corporate Tools
Expiration Date:
Until further notice
Requirements:
  • BS in Computer Science or equivalent experience
  • 5+ years building and securing software — hands‑on experience with web frameworks (Rails, Django, Node, etc.) and modern architectures
  • Proven application security expertise: secure SDLC, OWASP, threat modeling, exploit mitigation, and vulnerability remediation
  • Experience leading security or engineering teams — setting strategy, running scrums, conducting reviews, and mentoring talent
  • Strong knowledge of cloud environments (AWS, Azure, GCP) and securing databases (SQL/NoSQL) in production
  • Exposure to offensive and defensive security practices — red team, blue team, or incident response experience a plus
  • Ability to communicate risk and solutions to execs, engineers, and auditors — respected by hackers and trusted by leadership
  • Pragmatic mindset: knows when to enable speed, when to block, and how to automate guardrails to keep teams fast and safe
Job Responsibility:
  • Lead 6 security engineers across three specialized teams: Red (offense), Blue (defense), and Orange (compliance)
  • Own the security strategy and execution for offensive testing, defensive monitoring, and compliance work — ensuring all three disciplines are aligned
  • Act as the technical anchor for the teams: review code, guide exploits, drive secure architecture decisions, and mentor engineers
  • Partner with product and engineering leads to embed security into development (threat modeling, secure coding, CI/CD guardrails)
  • Build internal security tools and automation that make it easier for product teams to ship securely
  • Oversee red team engagements and turn findings into actionable fixes, not just reports
  • Manage defensive capabilities — incident response, detection engineering, monitoring — and continually improve them
  • Ensure compliance frameworks (SOC2, ISO, PCI, etc.) are met without slowing innovation or creating unnecessary bureaucracy
  • Set a high technical bar: coach, mentor, and challenge engineers to pursue elegant, practical security solutions
  • Balance being a builder and a leader: stay hands‑on enough to earn respect from hackers, but prioritize leading and scaling the team’s impact
What we offer:
  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • The 4 holidays are: New Year’s Day, Fourth of July, Thanksgiving, and Christmas Day
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance
  • Use to make your remote work set up more comfortable, for continuing education classes, a plant for your desk, coffee for your coworker, a massage for yourself... really, whatever
  • Open concept office with friendly coworkers

Engineering Manager, Platform

We are looking for an engineering manager to help us scale, improve organisation...
Salary:
Not provided
Airalo
Expiration Date:
Until further notice
Requirements:
  • Minimum 5 years of hands-on technical experience in cloud-native environments, specifically with distributed systems and platform development
  • Minimum 2 years of experience in directly leading and managing platform, DevOps, or SRE teams
  • Expertise in designing, building, refactoring, and operating distributed systems and scalable cloud infrastructure at scale
  • Expertise in event-driven architecture and various Messaging systems (e.g., Kafka, SQS, RabbitMQ, Pub/Sub)
  • Strong knowledge of both relational (SQL) and NoSQL database technologies and their operational considerations in cloud environments
  • Extensive hands-on experience and deep understanding of core AWS services (e.g., EC2, EKS, Lambda, SQS, Security Groups, IAM, Aurora, DynamoDB, S3, RDS, CloudWatch, CloudTrail)
  • Proven expertise with Infrastructure as Code (e.g., Terraform, CloudFormation)
  • Strong experience with containerisation technologies (Docker) and orchestration platforms (Kubernetes), including Helm and related ecosystem tools
  • Extensive experience with modern monitoring, logging, and observability platforms (e.g., Datadog, Prometheus, Grafana, ELK Stack, Jaeger/OpenTelemetry)
  • Strong familiarity with DevSecOps practices and the implementation of automated security tooling throughout the CI/CD pipeline (e.g., SAST, DAST, secret management, vulnerability scanning)
Job Responsibility:
  • Lead the strategy, architecture, and execution of our core platform technologies
  • Extend and improve engineering best practices across the organisation
  • Maintain and improve a collaborative environment, acting as a key bridge between application development teams and the platform team
  • Motivate and instil a strong sense of ownership in your team for the end-to-end lifecycle, stability, scalability, and performance of our core platform services
  • Mentor and guide the professional and technical development of your team members
  • Ensure that the team delivers high-quality products and solutions by following best practices
  • Build and scale teams that are collaborative, inclusive, and respectful of each other
  • Provide continuous, actionable feedback, address underperformance proactively, and recognise the individual strengths and contributions of your team members
  • Work closely with engineers and collaborate with key stakeholders to define, maintain a prioritised backlog, and establish clear short-term and long-term goals for the platform roadmap
  • Own your team’s deliverables and ensure the continuous delivery of scalable, highly-available, and cost-efficient platform services and infrastructure
What we offer:
  • Health Insurance
  • work-from-anywhere stipend
  • annual wellness & learning credits
  • annual all-expenses-paid company retreat in a gorgeous destination
  • Fulltime

Engineering Manager, Data Security

As an Engineering Manager on our Data Security team, you’ll lead a group of tale...
Location:
United States; Canada
Salary:
190000.00 - 258000.00 USD / Year
1Password
Expiration Date:
Until further notice
Requirements:
  • A strong background in data security, ideally in applied cryptography
  • Implementing modern symmetric or asymmetric cryptographic algorithms
  • Building or integrating digital signature schemes and hash functions
  • Delivering key management systems, key distribution protocols, or working with hardware security modules
  • Identifying and mitigating real-world security vulnerabilities and attack vectors
  • Managed or technically led a team of developers and owned application development from planning to delivery
  • Hands-on engineering experience and tackled complex, ambiguous problems through code
  • Technical background to coach developers and elevate team performance
  • Led cross-functional projects that span multiple systems, teams, or architectural layers
  • Create a positive, inclusive team environment where people feel supported, challenged, and energized
Job Responsibility:
  • Lead and develop a high-performing team of engineers in a culture of innovation, execution, and collaboration
  • Scope, prioritize, and plan impactful security initiatives in partnership with your team
  • Drive high-quality execution through iterative delivery, velocity, and clear communication
  • Provide hands-on technical leadership within your team and across engineering
  • Build and support a diverse, inclusive team where people grow and thrive
  • Help scale a specialized team by refining hiring, onboarding, and growth practices in partnership with fellow EMs
What we offer:
  • Maternity and parental leave top-up programs
  • Generous PTO policy
  • Four company-wide wellness days
  • Company equity for all full-time employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Employee-led inclusion and belonging programs and ERGs
  • Peer-to-peer recognition through Bonusly
  • Fulltime

Cyber Security Engineer

Cyber Security Engineer position at Sopra Steria, a major Tech player in Europe ...
Location:
India, Noida
Salary:
Not provided
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • Governance - Security Operational Tasks support & governance. Compliance and Risk Management
  • Vulnerability Management - vulnerability (infra and app) scans and remediation plans
  • SMP (Security Management Plan) - preparing, reviewing and managing
  • Authorisation management - should have managed the accounts & controls in the Infra scope
  • Security Patch management - end-to-end coordination and implementation
  • Security product management - Antivirus management, such as TrendMicro, Defender, etc.
  • Security incident management - Managing the end-to-end security incident lifecycle with corrective measures
  • Audit support - support auditors' mandate on the security system and artefacts
  • Mitigation - thinking analytically and executing efficiently. Analyse and optimise orchestration and automation between security tools
  • Vendor Management, Collaboration, Facilitation - Excellent customer-facing skills and significant experience building strong client relationships
What we offer:
  • Commitment to fighting against all forms of discrimination
  • Inclusive and respectful work environment
  • Open to people with disabilities
  • Fulltime

Senior Security Engineer

We are seeking a Senior Vulnerability Management Engineer to lead and enhance ou...
Location:
Philippines, Makati City
Salary:
Not provided
Avaloq
Expiration Date:
Until further notice
Requirements:
  • Extensive hands-on experience with Tenable (Tenable.io, Tenable.sc, Nessus Manager)
  • Deep technical expertise in vulnerability detection, authenticated scan engineering, and hybrid infrastructure scanning
  • Strong knowledge of networks, Windows/Linux, VMware, cloud platforms (AWS and OCI), and container ecosystems
  • Scripting and automation skills (Python, PowerShell, REST APIs)
  • Solid understanding of security frameworks: CIS Benchmarks, ISO 27001, SWIFT CSCF, CSA CCM
  • Experience in FINMA, MAS and DORA regulated financial environments (banks, insurers, securities firms)
  • Ability to communicate technical risk clearly to both engineers and senior management
  • Certifications: OCI Security Professional, Tenable Certified Engineer, CISSP
Job Responsibility:
  • Lead engineering, architecture, and advanced configuration of Tenable.io / Tenable.sc / Nessus across hybrid infrastructures
  • Oversee authenticated scanning across servers, cloud workloads, network appliances, databases, and container platforms
  • Integrate Tenable with enterprise systems (CMDB, SIEM, ITSM) using APIs and scripting (Python/PowerShell)
  • Engineer cloud vulnerability coverage via connectors, agents, and container registry scans
  • Enhance detection accuracy through custom plugins, scan policy tuning, and automation pipelines
  • Provide technical leadership and guidance to remediation teams, ensuring adherence to CIS/NIST/SWIFT/ISO standards
  • Produce regulator-ready metrics, dashboards, and audit evidence for FINMA and MAS reviews
  • Contribute to security architecture, hardening initiatives, and continuous improvement of the vulnerability management program
What we offer:
  • Annual bonus
  • Flexible working
  • Instant recognition
  • Access to Udemy for professional and personal learning
  • Fulltime