Security Engineer - Threat & Vulnerability

Job Description

Job Summary:

We are seeking a Security Engineer II to support threat and vulnerability management across on-premises and cloud environments. This role focuses on identifying security risks, assessing vulnerabilities, ensuring secure configurations, and driving remediation efforts to improve overall security posture.

Key Responsibilities:

• Identify, assess, and remediate vulnerabilities across on-prem and cloud environments (AWS/Azure/GCP)
• Monitor and analyze threat intelligence using frameworks such as MITRE ATT&CK, OWASP, and CVSS
• Utilize vulnerability and cloud security tools (Tenable, Qualys, Rapid7, Prisma Cloud, Defender for Cloud, Wiz)
• Perform secure configuration audits using CIS Benchmarks, NIST, and STIGs
• Collaborate with IT, Cloud, and DevOps teams to implement remediation
• Automate security processes using scripting (Python, PowerShell, Bash)
• Track remediation progress and communicate risks to technical and non-technical stakeholders

Required Skills & Experience:

• 4+ years of experience in Cybersecurity or IT with exposure to vulnerability or cloud security
• Hands-on experience with vulnerability management tools
• Strong understanding of security controls, risk management, and compliance
• Experience with scripting/automation and API integrations
• Familiarity with SIEM, logging, monitoring, and ticketing systems