Senior Vulnerability Management Engineer

Connecting clients to markets and talent to opportunity.

With 5400 employees and over 80000 institutional commercial and payments clients we operate from more than 80 offices spread across six continents. As a Fortune 100 Nasdaq-listed provider we connect clients to the global markets focusing on innovation human connection and providing world-class products and services to all types of investors.

Whether you want to forge a career connecting our retail clients to potential trading opportunities or ingrain yourself in the world of institutional investing StoneX Group is made up of four business segments that offer endless potential for progression and growth.

Business Segment Overview: Engage in a deep variety of business-critical activities that keep our company running efficiently. From strategic marketing and financial management to human resources and operational oversight youll have the opportunity to optimize processes and implement game-changing policies.

Position Purpose:

The Senior Vulnerability Management Engineer is responsible for the technical ownership reliability and continuous improvement of the organizations vulnerability and exposure management capabilities across infrastructure applications and cloud environments. This role focuses on ensuring accurate visibility high-fidelity data and well-integrated tooling to support risk-based decision making and effective remediation.

Technology Ecosystem:

• Front-End: Vulnerability dashboards and reporting platforms (Tenable Qualys Rapid7 Microsoft Defender Vulnerability Management Armis VIPR)
• Back End: Vulnerability scanners data pipelines integrations and ticketing platforms (ServiceNow Jira)
• Exposure Management & Asset Intelligence: Armis Centrix External Attack Surface Management tools Continuous Threat Exposure Management (CTEM) tools
• Cloud: AWS Azure GCP

Primary duties will include:

• Operate and maintain vulnerability and exposure management platforms including execution validation and troubleshooting of scanning activities ensuring accurate configuration comprehensive coverage and high-fidelity results across enterprise environments.
• Serve as a senior technical subject matter expert resolving complex issues improving platform performance and enhancing vulnerability management capabilities.
• Correlate vulnerability data with asset criticality vulnerability intelligence and exploitability indicators to support risk-based prioritization efforts.
• Engineer and maintain dashboards reporting and data pipelines to enable visibility into vulnerability posture trends and operational metrics.
• Develop maintain and enhance engineering processes and documentation for vulnerability and exposure management tooling including scanning exception handling and compliance reporting.
• Lead proof of concepts (PoCs) to evaluate implement and optimize vulnerability and exposure management tooling and automation integrating with asset management CMDB ticketing and security platforms to enhance vulnerability detection prioritization and remediation workflows.
• Evaluate build and deploy AI/ML-assisted tooling for VM lifecycle management capacity planning and anomaly detection.

This list of duties and responsibilities is not intended to be all-inclusive and can be expanded to include other duties or responsibilities that management deems necessary.

To land this role you will need:

• 57 years of overall technology experience including at least 35 years in vulnerability management exposure management or information security engineering roles with hands-on responsibility for tooling and platforms.
• Strong hands-on experience operating configuring optimizing and troubleshooting vulnerability management and exposure management tools (Tenable Qualys Rapid7 Microsoft Defender Vulnerability Management Armis Centrix/VIPR and exposure management platforms such as EASM and CTEM tools).
• Solid understanding of enterprise environments including operating systems (Windows Linux MacOS) cloud platforms (AWS Azure GCP) networking and identity systems.
• Working knowledge of vulnerability prioritization methodologies (CVSS EPSS) vulnerability intelligence (CISA KEV) and their application to risk-based decision making.
• Strong analytical technical problem-solving and communication skills with the ability to diagnose complex issues improve system performance and work independently while collaborating effectively with emotional intelligence.

What makes you stand out:

• Experience integrating vulnerability management tools with exposure management and vulnerability prioritization platforms ticketing systems (ServiceNow Jira) asset management SIEM (Splunk Sentinel) or SOAR.
• Experience building or enhancing automation and workflows using scripting languages (Python PowerShell).
• Experience collaborating with threat intelligence or red team functions to assess exploitability.
• Familiarity with security frameworks and regulatory requirements (CIS NIST CSF PCI ISO SOX FINRA ITIL).

Education / Certification Requirements:

• Associates Bachelors or Masters degree in Information Security Information Assurance Information Systems Computer Science Engineering Sciences STEM or a related field (or equivalent hands-on experience).
• SANS related certifications (GSEC GCIA GCED GCIH GCCC GMON GPEN GEVA etc.).
• Additional relevant certifications may be considered.

Work environment:

• Office located in São Paulo
• Hybrid model (4 days/week in the office 1 day/week remote)

Benefits:

• Medical and life insurance
• Public Transportation Voucher
• Meal and food allowances
• TotalPass or Gympass

#LI-Hybrid #LI-DK1