Job Description
As a Security Engineer for Vulnerability Management, your mission is to build, implement, and operate GFiber's infrastructure vulnerability management program from the ground up. You will achieve this by deploying our vulnerability scanning platforms, establishing a formal process for prioritization and remediation, and driving the reduction of risk across GFiber's systems and infrastructure.
In this role, you will be a pivotal member of the Cybersecurity team, directly shaping GFiber's security posture by providing critical visibility into our attack surface. You will focus on building and scaling this new program, leveraging automation, and providing expert guidance to internal teams. You'll collaborate closely with Engineering, Cloud Security, Network Security, and Application Security to ensure a holistic and effective approach to vulnerability remediation.
In this role, you'll:
• Lead the selection, deployment, and configuration of vulnerability management tools for infrastructure, cloud, and network assets.
• Develop, implement, and document a formal vulnerability prioritization framework and remediation process, including defining SLAs and escalation paths.
• Configure and manage regular vulnerability scanning schedules (credentialed and uncredentialed) across the enterprise.
• Analyze scan results, triage findings, validate false positives, and identify compensating controls.
• Provide subject matter expertise and actionable, risk-based guidance to system owners and engineering teams to drive remediation.
• Partner with asset owners and technical teams to track, report on, and verify the remediation of identified vulnerabilities.
• Integrate VM tools with our ticketing system and other security platforms to automate and streamline remediation workflows.
• Develop and maintain vulnerability management dashboards and reports for both technical teams and executive leadership.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
At a minimum we'd like you to have:
• Bachelor's degree in a related field, or equivalent practical experience.
• 5+ years of experience in vulnerability management, offensive security, or a related cybersecurity engineering role.
• In-depth, hands-on experience with modern vulnerability management platforms (e.g., Tenable, Qualys-Must have, Rapid7).
• Strong understanding of vulnerability prioritization frameworks (e.g., CVSS, EPSS) and risk assessment methodologies.
• Experience with scripting (e.g., Python) for automation and API integration.
• Excellent communication, presentation, and interpersonal skills.
Nice to Have Skills & Experience
It's preferred if you have:
• Experience in the telecommunications or a related industry.
• Relevant security certifications (e.g., CISSP, GCIH, or vendor-specific).
• Experience with cloud security posture management (CSPM) and vulnerability scanning in cloud environments (GCP, AWS, Azure).
• A technical background in system administration (Linux/Windows), network engineering, or application security.
• Experience in a fast-paced, high-growth environment.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.