Vulnerability Management and Configuration Assurance Engineer Jobs in USA, MA, Springfield | Rose International Job

Required Education:

• Bachelor's Degree in Cybersecurity, Information Security, Computer Science, Information Technology, Engineering, or a related field

Required Qualifications/Skills/Experience:

• Deep hands-on experience with vulnerability management platforms such as Qualys, Wiz, Nessus, Rapid7, or similar tools
• Experience managing and optimizing enterprise vulnerability management programs
• Experience integrating security platforms with ServiceNow, CMDB, SIEM, SecOps, or related enterprise systems
• Strong automation and scripting experience using Python, PowerShell, or similar technologies
• Experience with configuration assurance and secure baseline validation
• Knowledge of cloud security principles across AWS, Azure, and GCP environments
• Experience developing dashboards, metrics, and security reporting
• Strong troubleshooting, root cause analysis, and problem-solving skills
• Strong communication and stakeholder engagement skills
• Experience supporting governance, compliance, and remediation initiatives

Preferred Qualifications/Skills/Experience:

• Experience supporting hybrid infrastructure environments
• Experience implementing automated vulnerability remediation workflows
• Experience with executive-level reporting and risk communication
• Experience mentoring technical teams and providing subject matter expertise
• Experience supporting regulatory compliance initiatives including NIST, CIS, ISO, and NY DFS frameworks

Vulnerability Management and Configuration Assurance Engineer Overview:

• The Vulnerability Management and Configuration Assurance (VMCA) Engineer is responsible for strengthening enterprise security by designing, implementing, and optimizing vulnerability management and configuration assurance capabilities across complex technology environments
• This role provides end-to-end ownership of the tools, integrations, automation processes, and reporting mechanisms that support enterprise-wide visibility into vulnerabilities and configuration risks
• The VMCA Engineer ensures vulnerability and configuration data remains accurate, actionable, and aligned with organizational security objectives
• The role focuses on improving vulnerability detection, remediation workflows, compliance monitoring, and risk reporting across on-premises, cloud, and hybrid environments
• Working closely with infrastructure, cloud, engineering, architecture, and security teams, the engineer supports the development of scalable security processes that enhance operational efficiency and reduce risk exposure
• This position also drives automation initiatives through scripting and platform integrations, enabling streamlined workflows and improved governance
• The engineer develops and maintains dashboards, metrics, and executive reporting to provide visibility into risk posture, remediation progress, and control effectiveness
• As a senior technical resource, the VMCA Engineer serves as a subject matter expert in vulnerability management and configuration assurance, providing technical guidance, mentoring, and strategic recommendations
• Success in this role requires strong analytical skills, technical expertise, problem-solving abilities, and the capability to translate complex security risks into actionable insights for both technical and executive stakeholders

Job Duties:

• Manage and optimize enterprise vulnerability management platforms
• Configure and maintain vulnerability scanning and reporting capabilities
• Develop integrations between security tools and enterprise platforms
• Automate vulnerability management and remediation processes using scripting technologies
• Monitor and validate secure configuration baselines
• Assess vulnerability and configuration risks across cloud and hybrid environments
• Develop and maintain security dashboards, metrics, and executive reporting
• Analyze vulnerability trends and remediation effectiveness
• Perform troubleshooting, root cause analysis, and platform optimization
• Collaborate with infrastructure, cloud, application, and security teams
• Support governance, compliance, and audit initiatives
• Provide technical guidance and mentorship to stakeholders and team members
• Drive process improvement and operational efficiency initiatives
• Support risk prioritization and remediation decision-making
• Only those lawfully authorized to work in the designated country associated with the position will be considered.
• Please note that all Position start dates and duration are estimates and may be reduced or lengthened based upon a client's business needs and requirements.