IT Technology Architect | Identity Management | IDAM-Design , work flow , Implementation
Share
Job Location:
Springfield, VT - USA
Monthly Salary:
Not Disclosed
Posted on:
3 hours ago
Vacancies:
1 Vacancy
Job Summary
Job title - Mobile Device Vulnerability Management & Configuration Compliance Engineer
Work location Springfield Boston or New York/ NJ
Is it Hybrid onsite or remote position Onsite
Tentative Start date Start Date will be decided based on candidate selection by client
Contract duration 12 months
Vendor rate 87.66
Does this position require Visa independent candidates only Yes
Minimum years of experience needed in the required skills- 5 years of experience
Minimum over all work experience required - 5 years
Domain Cyber Security : Application Security
JD:
The Mobile Device Vulnerability Management & Configuration Compliance Engineer will partner
with internal stakeholders to design validate and operationalize an automated mobile device
vulnerability scanning and configuration compliance capability across enterprise-issued mobile
endpoints (iOS/iPadOS and Android). This role leads proof-of-technology (PoT) activities including
tool evaluation architecture validation security controls mapping and pilot execution and drives
full-scale implementation through integration with other security tools such as MDM SIEM/SOAR
ITSM and asset inventory/CMDB systems.
The engineer will establish and maintain mobile vulnerability management processes aligned to
corporate and regulatory requirements develop continuous compliance and policy enforcement
strategies implement risk-based remediation workflows and deliver measurable improvements in
mobile endpoint security posture.
Key Responsibilities
Define PoT scope success criteria and test plans for automated mobile vulnerability
scanning (e.g. agent-based/agentless MDM-integrated API-driven).
Evaluate candidate tools for: coverage (OS/app/cert/profile) detection accuracy
scalability device impact privacy controls and reporting fidelity.
Execute pilots across representative device populations validating:
o vulnerability detection capabilities (OS versions CVEs patch levels risky apps)
o configuration compliance checks (encryption jailbreak/root screen lock OS
hardening)
o integration readiness (Intune/Workspace ONE/Jamf; SIEM; ITSM; CMDB)
Produce PoT outcomes: findings risk analysis cost/benefit architecture decision record
and go/no-go recommendation.
Coordinate with InfoSec and Compliance teams to ensure SaaS platform posture aligns with
regulatory requirements (NYDFS).
Build and run mobile vulnerability lifecycle processes: discovery assessment prioritization
remediation validation reporting.
Establish severity/risk scoring tuned for mobile (exposure device role app risk compliance
impact).
Coordinate remediation with endpoint engineering mobility admins app owners and
operations teams.
Validate remediation effectiveness using scanner re-runs policy compliance and audit
evidence.
Develop deploy and continuously improve baseline security configurations for iOS/iPadOS
and Android.
Translate requirements into enforceable policies (password/biometrics encryption OS
update controls app controls certificate/profile constraints VPN/Wi-Fi security logging
settings).
Implement compliance monitoring and drift detection; drive automated or semi-automated
corrective actions.
Build automation scripts and APIs to normalize and enrich findings
Support change management and communications for new controls impacting device
behavior and user experience.
Provide technical guidance and training to operations teams for ongoing support.
Required Skills
Mobile OS security fundamentals: iOS/iPadOS and Android security models patching
permissions app ecosystems jailbreak/root detection concepts.
Vulnerability management expertise: CVE/patch lifecycle risk-based prioritization SLAs
validation metrics.
Configuration compliance: baseline hardening policy enforcement continuous compliance
monitoring and drift remediation.
Mobility Scanning Tool Experience (hands-on): Qualys Mobile VMDR Lookout Workspace
One Microsoft Threat Defense or equivalent.
MDM experience (hands-on): Microsoft Intune Omnissa Workspace ONE Jamf Pro or
equivalent.
Enterprise integration skills: API integration data normalization and automation with
SIEM/SOAR/ITSM (e.g. Splunk Sentinel QRadar; XSOAR Sentinel SOAR; ServiceNow).
Identity & access: conditional access concepts device compliance states SSO
certificates MFA posture-based access controls.
Scripting/automation: PowerShell and/or Python; familiarity with REST APIs JSON OAuth
and secrets management.
Security documentation: ability to author PoT plans architecture diagrams operational
runbooks and audit evidence.
Excellent documentation and stakeholder management skills.
Strong analytical and problem-solving skills.
Excellent communication and stakeholder management skills; experience presenting PoT
results and recommendations.
Ability to work independently and across multifunctional teams.
Detail-oriented with a focus on process improvement and operational excellence.
Ability to manage multiple workstreams (pilot integration operations) with minimal
supervision.
Familiarity with NIST CIS Benchmarks DISA STIG (mobile) ISO 27001 control mapping or
similar frameworks.
Educational Requirements
Bachelor s degree in Cybersecurity Information Systems Computer Science Engineering
or equivalent practical experience.
Relevant Certifications
CompTIA Security CySA
GIAC: GSEC GMON or related (if available/appropriate)
Qualys/Rapid7/Tenable (or equivalent vulnerability platform certifications where relevant)
Governance / Risk / Architecture (bonus)
CISSP CISM CCSP
ITIL Foundation (for ITSM integration and operations maturity)
Experience Level
5 8 years in cybersecurity/endpoint security with 2 4 years specifically in mobile/UEM
security vulnerability management or compliance engineering.
Interview mode - In person/Virtual : Virtual
How many rounds of interview minimum 2 rounds. Project Code :Mobile Device Vulnerability Management a
Work location Springfield Boston or New York/ NJ
Is it Hybrid onsite or remote position Onsite
Tentative Start date Start Date will be decided based on candidate selection by client
Contract duration 12 months
Vendor rate 87.66
Does this position require Visa independent candidates only Yes
Minimum years of experience needed in the required skills- 5 years of experience
Minimum over all work experience required - 5 years
Domain Cyber Security : Application Security
JD:
The Mobile Device Vulnerability Management & Configuration Compliance Engineer will partner
with internal stakeholders to design validate and operationalize an automated mobile device
vulnerability scanning and configuration compliance capability across enterprise-issued mobile
endpoints (iOS/iPadOS and Android). This role leads proof-of-technology (PoT) activities including
tool evaluation architecture validation security controls mapping and pilot execution and drives
full-scale implementation through integration with other security tools such as MDM SIEM/SOAR
ITSM and asset inventory/CMDB systems.
The engineer will establish and maintain mobile vulnerability management processes aligned to
corporate and regulatory requirements develop continuous compliance and policy enforcement
strategies implement risk-based remediation workflows and deliver measurable improvements in
mobile endpoint security posture.
Key Responsibilities
Define PoT scope success criteria and test plans for automated mobile vulnerability
scanning (e.g. agent-based/agentless MDM-integrated API-driven).
Evaluate candidate tools for: coverage (OS/app/cert/profile) detection accuracy
scalability device impact privacy controls and reporting fidelity.
Execute pilots across representative device populations validating:
o vulnerability detection capabilities (OS versions CVEs patch levels risky apps)
o configuration compliance checks (encryption jailbreak/root screen lock OS
hardening)
o integration readiness (Intune/Workspace ONE/Jamf; SIEM; ITSM; CMDB)
Produce PoT outcomes: findings risk analysis cost/benefit architecture decision record
and go/no-go recommendation.
Coordinate with InfoSec and Compliance teams to ensure SaaS platform posture aligns with
regulatory requirements (NYDFS).
Build and run mobile vulnerability lifecycle processes: discovery assessment prioritization
remediation validation reporting.
Establish severity/risk scoring tuned for mobile (exposure device role app risk compliance
impact).
Coordinate remediation with endpoint engineering mobility admins app owners and
operations teams.
Validate remediation effectiveness using scanner re-runs policy compliance and audit
evidence.
Develop deploy and continuously improve baseline security configurations for iOS/iPadOS
and Android.
Translate requirements into enforceable policies (password/biometrics encryption OS
update controls app controls certificate/profile constraints VPN/Wi-Fi security logging
settings).
Implement compliance monitoring and drift detection; drive automated or semi-automated
corrective actions.
Build automation scripts and APIs to normalize and enrich findings
Support change management and communications for new controls impacting device
behavior and user experience.
Provide technical guidance and training to operations teams for ongoing support.
Required Skills
Mobile OS security fundamentals: iOS/iPadOS and Android security models patching
permissions app ecosystems jailbreak/root detection concepts.
Vulnerability management expertise: CVE/patch lifecycle risk-based prioritization SLAs
validation metrics.
Configuration compliance: baseline hardening policy enforcement continuous compliance
monitoring and drift remediation.
Mobility Scanning Tool Experience (hands-on): Qualys Mobile VMDR Lookout Workspace
One Microsoft Threat Defense or equivalent.
MDM experience (hands-on): Microsoft Intune Omnissa Workspace ONE Jamf Pro or
equivalent.
Enterprise integration skills: API integration data normalization and automation with
SIEM/SOAR/ITSM (e.g. Splunk Sentinel QRadar; XSOAR Sentinel SOAR; ServiceNow).
Identity & access: conditional access concepts device compliance states SSO
certificates MFA posture-based access controls.
Scripting/automation: PowerShell and/or Python; familiarity with REST APIs JSON OAuth
and secrets management.
Security documentation: ability to author PoT plans architecture diagrams operational
runbooks and audit evidence.
Excellent documentation and stakeholder management skills.
Strong analytical and problem-solving skills.
Excellent communication and stakeholder management skills; experience presenting PoT
results and recommendations.
Ability to work independently and across multifunctional teams.
Detail-oriented with a focus on process improvement and operational excellence.
Ability to manage multiple workstreams (pilot integration operations) with minimal
supervision.
Familiarity with NIST CIS Benchmarks DISA STIG (mobile) ISO 27001 control mapping or
similar frameworks.
Educational Requirements
Bachelor s degree in Cybersecurity Information Systems Computer Science Engineering
or equivalent practical experience.
Relevant Certifications
CompTIA Security CySA
GIAC: GSEC GMON or related (if available/appropriate)
Qualys/Rapid7/Tenable (or equivalent vulnerability platform certifications where relevant)
Governance / Risk / Architecture (bonus)
CISSP CISM CCSP
ITIL Foundation (for ITSM integration and operations maturity)
Experience Level
5 8 years in cybersecurity/endpoint security with 2 4 years specifically in mobile/UEM
security vulnerability management or compliance engineering.
Interview mode - In person/Virtual : Virtual
How many rounds of interview minimum 2 rounds. Project Code :Mobile Device Vulnerability Management a
