Vulnerability Engineer

Role : Rapid7 Vulnerability Management Lead

Location: Dallas TX Onsite 3 Days Hybrid (Need only local candidates) Dont get me the candidates from Houston Austin San Antoni
Experience: 8 years
Duration : 1 year

Role Summary

The Rapid7 Vulnerability Management Lead will serve as a critical enabler within the BDSC (Boeing Digital Security Center) organization driving enterprise-wide vulnerability management operations using the Rapid7 Insight-VM platform. This role is the central coordination hub between Boeings SOX compliance team and infrastructure operations ensuring vulnerabilities are identified prioritized tracked and remediated in alignment with Boeings security standards regulatory requirements and organizational risk appetite.

The ideal candidate is a hands-on detail-oriented security professional who combines deep Rapid7 platform expertise with strong cross-team collaboration skills and the ability to translate vulnerability data into clear actionable risk insights for both technical teams and leadership.

Key Responsibilities

• Monitor Rapid7 dashboards and reports to identify critical and high-severity vulnerabilities.
• Track vulnerability remediation progress and follow up with infrastructure teams (Windows Linux Network Endpoint).
• Coordinate remediation activities and escalate blockers when required.
• Create and track Corrective Action Plans (CAPs) for vulnerabilities that require formal risk tracking.
• Perform vulnerability trend analysis and track aging vulnerabilities.
• Prepare weekly vulnerability status reports and dashboards for leadership review.
• Work with Rapid7 tool owners to review scan configurations and improve coverage.
• Ensure vulnerability management activities align with Boeing security standards.
• Log in to and manage daily operations within the Rapid7 platform (Insight-VM) including dashboards reports and asset views.
• Monitor Rapid7 dashboards to identify and prioritize critical and high-severity vulnerabilities.
• Customize and maintain Rapid7 dashboards and reporting views to improve visibility for security and leadership teams.
• Support scan configuration review fine-tuning and coverage validation to ensure accurate vulnerability detection.
• Perform vulnerability trend analysis aging analysis and risk prioritization based on severity and exposure.
• Support asset inventory alignment and cleanup within Rapid7 to ensure accurate scan coverage.
• Identify stale inactive or duplicate devices in Rapid7 and coordinate with the tool owner and infrastructure teams for cleanup and asset alignment.
• Collaborate with the Rapid7 tool owner and security teams to improve scan coverage reporting visibility and vulnerability tracking effectiveness.
• Vulnerability Exception Handling & False Positive Validation
• Remediation Projects & Workflow Management in Rapid7
• Ensure appropriate asset onboarding and scan coverage across infrastructure environments.

Required Skills

Core Competency Requirements

• Strong hands-on experience with Rapid7 Insight-VM / Rapid7 Vulnerability Management platform
• Demonstrated experience in vulnerability analysis remediation coordination and security reporting
• Solid knowledge of CVSS scoring vulnerability lifecycle and industry-standard remediation practices
• Proven experience creating and maintaining Rapid7 dashboards reports and analytics views
• Ability to coordinate and collaborate with multiple infrastructure security and compliance teams
• Experience creating and managing Corrective Action Plans (CAPs) and formal risk tracking documentation
• Familiarity with Boeing security standards or equivalent enterprise-level security governance frameworks

Preferred / Nice-to-Have Skills

• Experience working within SOX-aligned or compliance-driven security environments
• Experience with ticketing platforms for vulnerability tracking (ServiceNow Jira Remedy)