[Remote] Senior Security Vulnerability Engineer

Note: The job is a remote job and is open to candidates in USA. AspenView Technology Partners is dedicated to transforming how organizations utilize technology, focusing on building high-performing IT teams for North American clients. They are seeking a Senior Security Vulnerability Engineer to lead and enhance a scalable vulnerability management program, collaborating across teams to ensure effective identification and remediation of vulnerabilities.

Responsibilities

• Own and advance the enterprise vulnerability management lifecycle — scanning, triage, risk scoring, remediation tracking, validation, and continuous improvement
• Leverage AI systems to automate patches and configuration changes, driving toward near real-time exploit resolution
• Optimize the vulnerability management platform for accurate, automated, and scalable coverage across infrastructure, applications, and cloud environments
• Develop executive-level metrics and reporting to drive accountability and communicate vulnerability posture to leadership
• Apply a risk-based prioritization model using CVSS, system criticality, threat intelligence, and compensating controls to determine remediation urgency
• Partner cross-functionally with Red Team, IT, Engineering, SRE, and Compliance to identify and mitigate risks tied to end-of-life systems and cloud-native vulnerabilities
• Manage scanning exemptions and vulnerability exceptions through their full lifecycle, including documentation, justification, and remediation tracking
• Drive visibility and remediation of cloud misconfigurations, exposed services, and over-permissioned identities across the organization

Skills

• Bachelor's degree in Computer Science, Information Security, or a related field — or equivalent practical experience
• 8+ years in cybersecurity, with at least 3 years focused on vulnerability management or risk management in a SaaS environment
• Hands-on expertise with vulnerability management platforms such as Wiz, Tenable, Qualys, Rapid7, Vulcan, or Kenna
• Strong command of CVSS, patch management, remediation SLA management, and risk-based prioritization
• Solid understanding of operating systems (Windows, Linux, macOS), networking, and major cloud platforms (AWS, Azure, GCP)
• Experience with CSPM/CNAPP platforms such as Wiz, Prisma Cloud, or Orca
• Excellent analytical and communication skills with a track record of influencing stakeholders at all levels
• Experience with container security and cloud-native environments (Docker, Kubernetes, serverless)
• Knowledge of security frameworks such as NIST CSF, PCI DSS, SOC 2, or ISO 27001
• Experience automating remediation workflows or integrating vulnerability data into Jira or ServiceNow
• Relevant certifications: CISSP, CISM, OSCP, GIAC/GVMS, or cloud security certifications

Benefits

• Competitive base
• Comprehensive benefits and wellness support
• Flexible work model: hybrid, remote, or in-office
• Real growth opportunities and leadership visibility
• Inclusive, respectful culture that blends U.S. innovation with Colombian heart
• A company that listens, invests in you, and celebrates wins together

Company Overview