Vulnerability Management Engineer

Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand.  Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provide an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders.  We’re growing quickly because our clients, and the general market, are looking for these outcomes and for the data it gives them to explain, promote, and justify, their security investment and mission.

The Vulnerability Engineer will drive the organization’s vulnerability management efforts, to identify, prioritize, and mitigate vulnerabilities across client's digital assets. This role involves assessing risk, generating comprehensive reports, and collaborating with technology and security teams to ensure swift remediation in alignment with business and compliance standards. The Vulnerability Engineer will streamline the vulnerability management processes and drive security-focused and best-practice recommendations to our clients. With a focus on platform optimization and continual improvement, this individual will enhance our client’s organization’s security posture. 

What you’ll do

• Lives by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House. 

• Help customers reduce their organizational risk by discovering, validating, and prioritizing vulnerabilities and associated remediations. 

• Lead efforts to configure, manage, and optimize vulnerability management tools to identify, assess, and prioritize vulnerabilities across an organization’s assets. 

• Work closely with technology and security teams to ensure timely remediation of vulnerabilities in accordance with organizational risk thresholds and compliance requirements. 

• Conduct regular risk assessments using vulnerability management tools to provide a clear understanding of the security posture across networks, web applications, and cloud infrastructure. 

• Generate and present detailed reports, including executive-level summaries, that outline vulnerabilities, risk scores, and remediation progress. 

• Analyze threat trends and advise on proactive measures for mitigation based on emerging threats that may impact the organization. 

• Develop and implement automation for scanning, reporting, and remediation workflows to improve efficiency and reduce response times. 

• Continuously evaluate and refine processes to ensure efficient delivery of services to the organization. 

• Act as a key point of contact for stakeholders across the organization regarding platform capabilities, findings, and best practices. 

• Work closely with security, risk, and IT operations teams to align vulnerability management activities with broader security initiatives. 

• Mentor junior security team members on vulnerability management best practices, assisting in their professional development. 

• Ensure that vulnerability platform and related integrations are maintained, updated, and optimized for peak performance. 

• Troubleshoot issues within the platform and work with support if necessary to resolve complex problems. 

• Stay current with the latest trends in vulnerability management. 

• Participate in the evaluation of emerging tools and technologies that could enhance or complement capabilities within the organization. 

• Use your advanced understanding of, and ability to communicate, security technologies to mitigate cyber risks. 

• Develop recommendations and enhancements to mature a client’s cybersecurity program. 

• Required to participate in 24x7 rotation. 

Your foundation.  The requirements for this role:

• Bachelor’s Degree in a related field and five (5) or more years in Information Technology. 

• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required. 

• Three (3) or more years of experience should have been directly supporting vulnerability management. 

• Strong Linux and Windows proficiency. 

• Strong understanding of security concepts and operations. 

• Strong understanding of networking concepts and architecture. 

• Experience with data visualization tools and strong analytical skills. 

• A minimum of two (2) years of CrowdStrike Spotlight experience.  

• Experience implementing, configuring, and managing vulnerability assessment tools including Tenable Nessus, Tenable.SC, Tenable.IO and Tenable NNM/PVS, and CrowdStrike Spotlight. 

• Experience in analyzing vulnerability scan results and asset data to prioritize remediation activities. 

• Experience performing vulnerability scanning in operationally sensitive environments. 

• Experience performing vulnerability scanning in public cloud environments. 

• Exhibit superior organizational skills to organize, analyze, develop, and deliver detailed reports.  

• Strong written and verbal communication skills. 

• Ability to meet deadlines for project-based tasks. 

• Must be a citizen of the United States. 

Additional capabilities that will differentiate you for this role:

• Experience with CrowdStrike Spotlight. 

• Log analysis using a SEIM product. 

• Experience in customer support. 

• Ability to manage multiple priorities in a fast-paced environment. 
• Strong analytical and technical skills. 

What you can expect:

• The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
• An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success
• Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.
• A collaborative and driven working environment in a rapidly growing company and market
• A fun and social working environment where you are encouraged to be your true self.

You can also expect base salary is targeted at $122,000 - $145,000 annually.  

*Salary based on Burlington, VT salary data. Offer is based on candidate geography. Additionally, this role is eligible for the company bonus plan at a 10% target. 

We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win.  If this sounds like the kind of organization you’d like to be a part of, we‘d like to hear from you.

AAP/EEO Statement

The Equal Employment Opportunity Policy of NuHarbor Security is to provide a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability. NuHarbor Security hires and promotes individuals solely based on their qualifications for the job to be filled.

NuHarbor Security believes that employees should be provided with a working environment which enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability.  We expect and require the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.