Role: Vulnerability Management - Security SME / Architect
Location: Sunnyvale, CA 94085 (100% Onsite)
C2C
Role Overview
The Security Subject Matter Expert (SME), Vulnerability Management, is responsible for reviewing vulnerability management reports, validating findings, and providing hands-on remediation support across Application, Cloud, Infrastructure, and Security environments. This role serves as a technical advisor to engineering and security teams, ensuring vulnerabilities are accurately assessed, prioritized, and remediated in line with enterprise risk standards.
Key Responsibilities
Vulnerability Report Review & Analysis
- Review vulnerability assessment reports from Application Security, Cloud Security, Infrastructure, and Endpoint scanning tools.
- Validate findings to identify false positives, duplicates, and non-actionable vulnerabilities.
- Analyze vulnerabilities based on severity, exploitability, asset criticality, and business impact.
Risk Assessment & Prioritization
- Support risk-based prioritization using CVSS, threat intelligence, exploit availability, and exposure context.
- Identify critical and high-risk vulnerabilities requiring immediate remediation.
- Provide technical input for risk acceptance, exception handling, and compensating controls.
Remediation Support & Validation
- Provide clear, actionable remediation guidance for applications, cloud workloads, operating systems, middleware, containers, and network components.
- Work closely with Application Owners, Cloud Engineers, Infrastructure, DevOps, and Security teams to explain vulnerabilities and remediation steps.
- Support remediation validation through re-scans and verification activities.
Cross-Functional Collaboration
- Act as a technical SME supporting Vulnerability Management, AppSec, Cloud Security, SOC, and Infrastructure teams.
- Participate in remediation review meetings, backlog reduction initiatives, and POD-based remediation efforts.
- Support Program Managers and Architects with technical insights and remediation status updates.
Documentation & Knowledge Management
- Develop and maintain remediation runbooks, SOPs, and technical guidance documents.
- Assist with audit evidence preparation, compliance validation, and management reporting.
- Contribute to continuous improvement of vulnerability management processes.
Required Skills & Qualifications
Technical Skills
- Strong hands-on experience in Vulnerability Management and remediation.
- Working knowledge of:
  - Application Security (SAST, DAST, SCA, API security)
  - Cloud Security (AWS/Azure/GCP vulnerabilities, misconfigurations)
  - Infrastructure & OS vulnerabilities (Windows, Linux, middleware, databases)
- Familiarity with vulnerability scanning and security tools (e.g. VM scanners, AppSec tools, CSPM/CNAPP platforms).
- Understanding of CVSS scoring, exploitability, and threat intelligence.
Professional Skills
- Strong analytical and problem-solving skills.
- Ability to clearly explain technical vulnerabilities to engineering teams.
- Experience working in cross-functional enterprise environments.
- Strong documentation and communication skills.
Desired / Nice-to-Have
- Experience supporting large vulnerability backlogs and remediation PODs.
- Exposure to ITSM tools (e.g. ServiceNow) for vulnerability tracking.
- Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS, NIST).
Security certifications (e.g. CEH, GWAPT, GCPN, AWS Security, OSCP) are a plus.