We are seeking a highly experienced and technically proficient Senior Vulnerability Management Engineer to lead and mature our enterprise vulnerability management program. This critical role involves architecting, implementing, and optimizing vulnerability scanning and remediation processes, with a strong emphasis on automation, securing our cloud infrastructure, and managing traditional on-premises systems. The ideal candidate will be a subject matter expert in cloud and traditional security, possess advanced scripting capabilities, and be adept at driving significant security improvements across large, complex environments.
In This Role You Will...
- Lead the Vulnerability Management Program: Strategically design, implement, and continuously mature the vulnerability scanning and management program across the enterprise, including on-premises infrastructure (servers, network devices), applications, containers, and complex cloud environments.
- Automation and Engineering: Architect, develop, and maintain robust automation pipelines to integrate vulnerability scanners with cloud APIs, asset inventory, and orchestration tools, significantly reducing manual efforts and improving data accuracy.
- Cloud and Infrastructure Security Expertise: Serve as a subject matter expert for identifying, assessing, and remediating vulnerabilities specific to both cloud and on-premises services and configurations.
- Risk Analysis and Prioritization: Continuously refine the risk-based prioritization methodology, ensuring the highest severity and most exploitable vulnerabilities are addressed first, collaborating closely with development and infrastructure teams.
- Tool Management: Evaluate, deploy, configure, and maintain advanced vulnerability scanning platforms (e.g. Tenable, Qualys, Rapid7), ensuring optimal coverage, accuracy, and integration across the hybrid environment.
- Mentorship and Documentation: Mentor junior team members, develop detailed technical documentation, and define best practices for vulnerability identification, reporting, and remediation.
- Reporting and Metrics: Define, track, and present advanced security metrics (KPIs/KRIs) and management-level reports on the overall vulnerability posture, remediation trends, and program effectiveness.
- Process Improvement: Drive measurable improvements in the mean time to detect (MTTD) and mean time to remediate (MTTR) vulnerabilities.
Qualifications
- 7 years of progressive experience in Information Security, with at least 3 years dedicated to a senior/lead role in Vulnerability Management.
- High-level proficiency in scripting for developing security automation, API integration, data manipulation, and building custom security and reporting tools.
- Deep hands-on experience securing large-scale cloud environments and traditional on-premises enterprise systems.
- Expertise in administering and tuning enterprise-grade vulnerability scanning solutions (e.g. Qualys, Rapid7 Nexpose) across both cloud and on-premises assets.
- Thorough understanding of vulnerability scoring standards (CVSS v3) and the methodologies used to prioritize risks based on business context and threat intelligence.
- Experience with CI/CD pipeline security, DevSecOps practices, and integrating security testing into the development lifecycle.
Bonus Qualifications
- Experience with advanced data analytics platforms (e.g. ELK Stack) for security data visualization and correlation.
- Direct experience with container and orchestration security scanning (e.g. Docker, Kubernetes).
- Experience in developing solutions leveraging configuration management tools (e.g. Terraform, Ansible, Chef).
$190,000 - $228,000 a year
Base Salary Range
There are three major components to compensation for this position: salary, Amazon Restricted Stock Units (RSUs), and Zoox Stock Appreciation Rights. A sign-on bonus may be offered as part of the compensation package. The listed range applies only to the base salary. Compensation will vary based on geographic location and level. Leveling, as well as positioning within a level, is determined by a range of factors, including but not limited to a candidate's relevant years of experience, domain knowledge, and interview performance. The salary range listed in this posting is representative of the range of levels Zoox is considering for this position.
Zoox also offers a comprehensive package of benefits, including paid time off (e.g. sick leave, vacation, bereavement), unpaid time off, Zoox Stock Appreciation Rights, Amazon RSUs, health insurance, long-term care insurance, long-term and short-term disability insurance, and life insurance.
About Zoox
Zoox is developing the first ground-up, fully autonomous vehicle fleet and the supporting ecosystem required to bring this technology to market. Sitting at the intersection of robotics, machine learning, and design, Zoox aims to provide the next generation of mobility-as-a-service in urban environments. We're looking for top talent that shares our passion and wants to be part of a fast-moving and highly execution-oriented team.
Accommodations
A Final Note:
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Required Experience:
Senior IC