Vulnerability Management Engineer
Job Description
About the Role
As a Vulnerability Management Engineer at Workstreet, you will be responsible for identifying, prioritizing, and fixing vulnerabilities across client environments, including direct patch deployment into AWS, Azure, and GCP. You will work closely with client IT, DevOps, and security teams to move findings from open to closed as efficiently as possible, using risk-based prioritization to make sure the right things get fixed first.
This role requires a consultative and hands-on approach, with a focus on seamless integration of scanning infrastructure management with high-touch client advisory. You will serve as the primary security advisor for an assigned portfolio of fast-growth startups, helping them identify, prioritize, and fix risks.
Key Responsibilities
- Orchestrate Vulnerability Scanning Infrastructure: Configure, schedule, and maintain authenticated credentials, scan policies, and asset groups across client networks and cloud-native environments using enterprise platforms (Tenable/Nessus, Qualys, Rapid7 InsightVM, and Vanta).
- Execute Threat Analysis and Risk Prioritization: Evaluate raw scan outputs and filter false positives; apply advanced risk-based prioritization data utilizing CVSS base scores, EPSS real-time exploit indices, global threat intelligence feeds, and critical client asset contexts.
- Drive Collaborative Remediation and Governance: Translate technical vulnerabilities into clear, actionable architectural guidance and patch-management workflows; partner directly inside the trenches with client software engineers and IT teams to multi-thread remediation efforts and accelerate their sub-30-day time-to-remediate velocity.
- Manage Exceptions and Audit Compliance: Document, verify, and track formal client requests for temporary vulnerability exceptions or long-term risk acceptances; map operational patching data directly to control evidence required for regulatory audits (SOC 2, ISO 27001, HIPAA, CMMC, and NIST).
- Own the Advisory Client Experience: Act as the strategic primary point of contact and trusted security advisor for an assigned portfolio of fast-growth startups; deliver regular project milestones, handle high-priority technical escalations with calm professionalism, and generate regular status reports and executive summaries that communicate technical risk as clear business value.
Skills & Qualifications
- Hands-on configuration and operational experience with one or more vulnerability management scanning platforms (Tenable/Nessus, Qualys, Rapid7 InsightVM, or Vanta).
- A deep, accurate understanding of vulnerability scoring systems (CVSS, EPSS indices) and data-driven, risk-based prioritization methodologies.
- The explicit ability to interpret raw scan outputs, filter out false positives, and seamlessly translate complex technical findings into business-relevant risk language for corporate stakeholders.
- Foundational familiarity with common vulnerability classes, cloud container exposures, configuration defects, and exploit vectors across cloud, OS, application, and network infrastructure layers.
- Working knowledge of standard information security compliance frameworks (such as SOC 2, ISO 27001, HIPAA, or CMMC) and how automated infrastructure scanning maps to regulatory audit evidence.
- A highly consultative, client-centric approach to engineering delivery; utilizing technical documentation, professional written summaries, and clear milestone mapping to manage multiple client engagements simultaneously and interact directly with US-based tech founders.
What You'll Learn
In this role, you will gain hands-on experience with vulnerability management scanning platforms, risk-based prioritization methodologies, and cloud-native vulnerability surfaces. You will also develop strong communication and project management skills, working closely with clients to identify and prioritize risks.
As a Vulnerability Management Engineer at Workstreet, you will have the opportunity to work on a wide range of projects, from identifying and prioritizing vulnerabilities to developing remediation plans and implementing patch management workflows. You will also have the chance to work with a variety of clients, from fast-growth startups to established enterprises.
Resume Tip
When applying for this role, be sure to highlight your hands-on experience with vulnerability management scanning platforms, as well as your understanding of risk-based prioritization methodologies and cloud-native vulnerability surfaces. Emphasize your ability to interpret raw scan outputs, filter out false positives, and translate
Skills Required
Before you hit Apply
Stand out — don't just apply blindly
Most freshers apply without a proper resume or strategy. These guides take 10 minutes and give you a real edge.
Ask for a Referral
Find people at workstreet who can refer you
A referral can 5× your chance of getting shortlisted. Message these people politely on LinkedIn.
Could not load referrals right now.
Search on LinkedIn yourselfDon't just connect — say something that works
Read this to actually get a reply from recruiters & referrals →
Read the guides above before applying — it takes 10 mins and doubles your chances 🚀
Similar Job Openings
Explore more job openings in this category from companies actively hiring.
Help Us to Improve
Did this listing help? Tell us what to improve.
Got it — what would have made it perfect?
One sentence is enough. We're not grading you.
Got it.
We're reading this in Udupi over coffee. We'll reply soon. Add an email next time if you want a response. — Team EasyPlace
Thanks for the feedback last time
Got more thoughts? We're still listening.
Ready to Launch Your Career?
Discover internships and job opportunities from top companies. Start applying today and take the next step toward your dream career.
View All Openings