Vulnerability Engineer (US Remote)

📋 Description

• • Own the end-to-end vulnerability management lifecycle for a Fortune-500-scale environment that spans on-prem data centers and multi-cloud footprints (AWS, Azure, GCP). You will configure, tune, and run recurring and ad-hoc scans with tools such as Tenable, Qualys, Rapid7, or similar, then enrich raw findings with threat-intel to produce risk-ranked reports that executives, engineers, and auditors can all understand.
• • Serve as the authoritative voice on emerging CVEs, zero-days, and misconfigurations. Each week you will digest vendor advisories, CERT alerts, exploit-DB posts, and dark-web chatter; translate that intelligence into plain-language briefings; and recommend precise compensating controls until patches can be safely deployed.
• • Partner with DevOps, SRE, and product squads to embed security into CI/CD. You will write Infrastructure-as-Code snippets, container image policies, and Terraform modules that automatically fail builds when critical vulnerabilities are introduced, shrinking mean-time-to-remediate from weeks to hours.
• • Build and maintain risk-based SLAs that balance business uptime with security imperatives. You will track remediation burndown in Jira or ServiceNow dashboards, escalate overdue items to engineering leadership, and celebrate wins when teams hit “zero criticals” milestones.
• • Automate the boring stuff. Using Python, PowerShell, or Go you will script scan kick-offs, ticket creation, exception handling, and evidence collection for SOC 2, PCI-DSS, HIPAA, and FedRAMP controls—freeing yourself and teammates for higher-order threat hunting.
• • Contribute to incident response. When red-team or real-world attackers strike, you will pivot from vulnerability data to identify blast radius, recommend containment steps, and supply forensic artifacts that help IR partners eradicate footholds and prevent re-entry.
• • Continuously improve the program. You will benchmark our maturity against NIST CSF and CIS 18, propose new KPIs, pilot cutting-edge tools (EPSS, SBOM scanners, CNAPP), and present quarterly roadmap updates to the CISO and Board Risk Committee.
• • Mentor junior analysts and run lunch-and-learn sessions on topics like “Exploit Chaining 101” or “Container Escape Techniques,” cultivating a culture where every engineer thinks like an attacker and defends by design.
• • Champion diversity and inclusion. First Advantage is on a mission to mirror the communities we serve; you will help recruit, interview, and onboard teammates from under-represented groups, ensuring our security team benefits from every perspective.