Note: The job is a remote job and is open to candidates in USA. Group 1001 is a consumer-centric, technology-driven family of insurance companies focused on delivering outstanding value and operational performance. The Senior Vulnerability Management Engineer will leverage their expertise in vulnerability management and systems engineering to identify and mitigate risks across various platforms while optimizing the vulnerability management function for automation.
Responsibilities
- Own the end-to-end vulnerability management pipeline: asset discovery > scanning > enrichment > prioritization > assignment > verification > closure
- Build, codify, and iterate a data-driven prioritization framework (blending CVSS, EPSS, KEV, exploit availability, asset criticality, exposure/reachability, compensating controls, and business context)
- Automate the full workflow via SOAR playbooks, webhooks, REST/GraphQL APIs, message queues, and custom scripts where needed
- Develop and improve KPIs, metrics, and trending for vulnerability management functions, and bring leadership attention to root-cause issues driving systemic vulnerability risk
- Integrate scanners, CMDB/asset inventory, EDR, cloud providers (AWS/Azure/GCP), and others into a single pipeline for management
- Continuously reduce noise: dedupe, suppress known-benign, correlate related findings, and auto-close on evidence of remediation
- Evaluate and integrate AI/LLM tooling for triage, false-positive suppression, remediation guidance, and vulnerability research — with appropriate guardrails
- Lead technical response for emergency patch cycles on various technical platforms
Skills
- Bachelor's degree in Computer Science, Information Security, or related academic field or equivalent experience
- 5-7 years of professional experience in information security, with focus on the financial sector
- Hands-on experience deploying, configuring, and managing vulnerability scanning solutions at enterprise scale, including policy design, tuning for noise reduction, and managing performance impact (e.g. Tenable, Microsoft Defender, Wiz, Tanium.)
- Hands-on experience engineering, integrating, and optimizing for automation of security platforms (e.g. Swimlane, Elastic)
- Strong knowledge of public cloud platforms (e.g., AWS, Azure, GCP) from an infrastructure and development aspect and their related security features
- Familiarity with DevSecOps practices and CI/CD pipelines
- Understanding of industry security frameworks, standards, and best practices (e.g., NIST, ISO, CIS)
- Proficiency in one or more software programming languages (e.g. Python, Golang, JavaScript), particularly for automation of security platform operations, health monitoring, and integration tasks
- Strong communication and collaboration skills, with the ability to work closely with engineering, operations and infrastructure teams
- Familiarity with compliance standards and regulations
- Creativity and critical thinking with the ability to work both independently and collaboratively in a fast-paced environment
- Be able to serve as a mentor or subject matter expert to other members within the organization, particularly in the areas of vulnerability management and systems engineering
Benefits
- Employees who meet benefit eligibility guidelines and work 30 hours or more weekly, have the ability to enroll in Group 1001’s benefits package.
- Employees (and their families) are eligible to participate in the Company’s comprehensive health, dental, and vision insurance plan options.
- Employees are also eligible for Basic and Supplemental Life Insurance, Short and Long-Term Disability.
- All employees (regardless of hours worked) have immediate access to the Company’s Employee Assistance Program and wellness programs—no enrollment is required.
- Employees may also participate in the Company’s 401K plan, with matching contributions by the Company.
Company Overview
Company H1B Sponsorship