Security Engineer - Vulnerability Management

Configure, execute, tune, and manage vulnerability scanning tools (Rapid7, Tanium).
Ensure regular scans, assessments, and analyses are completed with accurate results.
Identify, validate, and remediate vulnerabilities while minimizing false positives.
Provide technical recommendations throughout the vulnerability management lifecycle.
Work with teams to automate and integrate vulnerability management processes.
Utilize CVSS, OWASP, and other vulnerability scoring models to assess risk.
Assist in incident response and threat modeling efforts (Cyber Kill Chain, MITRE ATT&CK).
Communicate security risks and remediation strategies to both technical and non-technical audiences.
Support the Vulnerability Manager by suggesting risk-based process improvements and change controls.
Provide documentation and security exception recommendations when necessary.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

3-5 years of hands-on experience in Vulnerability Management.
Strong knowledge of system administration, networking, OS hardening, and risk management.
Experience identifying false positives and refining vulnerability detection techniques.
Knowledge of operational security impacts and threat environments.

AWS Certified Security, CISSP, CCSP, CEH
GIAC Certifications: GWEB, GPEN, OSCP (Penetration Testing & Security Assessments)
Experience with incident response frameworks and threat modeling.
Familiarity with cloud security best practices (AWS, Azure, GCP).
Strong background in automating security workflows and integrating tools.
Experience in mature false positive remediation methodologies.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.