Job ID: JOB_ID_3762
Role Overview
The Security Subject Matter Expert (SME) Vulnerability Management is responsible for reviewing vulnerability management reports, validating findings, and providing hands-on remediation support across Application, Cloud, Infrastructure, and Security environments. This role serves as a technical advisor to engineering and security teams, ensuring vulnerabilities are accurately assessed, prioritized, and remediated in line with enterprise risk standards.
Key Responsibilities
- Vulnerability Report Review & Analysis
- Review vulnerability assessment reports from Application Security, Cloud Security, Infrastructure, and Endpoint scanning tools.
- Validate findings to identify false positives, duplicates, and non-actionable vulnerabilities.
- Analyze vulnerabilities based on severity, exploitability, asset criticality, and business impact.
- Risk Assessment & Prioritization
- Support risk-based prioritization using CVSS, threat intelligence, exploit availability, and exposure context.
- Identify critical and high-risk vulnerabilities requiring immediate remediation.
- Provide technical input for risk acceptance, exception handling, and compensating controls.
- Remediation Support & Validation
- Provide clear, actionable remediation guidance for applications, cloud workloads, operating systems, middleware, containers, and network components.
- Work closely with Application Owners, Cloud Engineers, Infrastructure, DevOps, and Security teams to explain vulnerabilities and remediation steps.
- Support remediation validation through re-scans and verification activities.
- Cross-Functional Collaboration
- Act as a technical SME supporting Vulnerability Management, AppSec, Cloud Security, SOC, and Infrastructure teams.
- Participate in remediation review meetings, backlog reduction initiatives, and POD-based remediation efforts.
- Support Program Managers and Architects with technical insights and remediation status updates.
- Documentation & Knowledge Management
- Develop and maintain remediation runbooks, SOPs, and technical guidance documents.
- Assist with audit evidence preparation, compliance validation, and management reporting.
- Contribute to continuous improvement of vulnerability management processes.
Required Skills & Qualifications
- Technical Skills
- Strong hands-on experience in Vulnerability Management and remediation.
- Working knowledge of:
- Application Security (SAST, DAST, SCA, API security)
- Cloud Security (AWS/Azure/GCP vulnerabilities, misconfigurations)
- Infrastructure & OS vulnerabilities (Windows, Linux, middleware, databases)
- Familiarity with vulnerability scanning and security tools (e.g., VM scanners, AppSec tools, CSPM/CNAPP platforms).
- Understanding of CVSS scoring, exploitability, and threat intelligence.
- Professional Skills
- Strong analytical and problem-solving skills.
- Ability to clearly explain technical vulnerabilities to engineering teams.
- Experience working in cross-functional, enterprise environments.
- Strong documentation and communication skills.
Desired / Nice-to-Have
- Experience supporting large vulnerability backlogs and remediation PODs.
- Exposure to ITSM tools (e.g., ServiceNow) for vulnerability tracking.
- Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS, NIST).
- Security certifications (e.g., CEH, GWAPT, GCPN, AWS Security, OSCP) are a plus.
Special Requirements
Local only
Compensation & Location
Salary: $120,000 – $160,000 per year (Estimated)
Location: Sunnyvale, CA
Recruiter / Company – Contact Information
Recruiter / Employer: E-Solutions Inc.
Email: lobalapplications@googlegroups.com
Recruiter Notice:
To remove this job posting, please send an email from
lobalapplications@googlegroups.com with the subject:
DELETE_JOB_ID_3762