Job ID: JOB_ID_3617
Job Summary:
Quantum World Technologies Inc. is seeking an experienced Vulnerability Management – Security SME / Architect to join their team. This role is critical for reviewing vulnerability reports, validating findings, and providing hands-on remediation support across various environments including Application, Cloud, Infrastructure, and Security. The ideal candidate will act as a technical advisor, ensuring vulnerabilities are accurately assessed, prioritized, and remediated according to enterprise risk standards. This is an onsite position requiring video interviews.
Key Responsibilities:
- Vulnerability Report Review & Analysis: Review vulnerability assessment reports from Application Security, Cloud Security, Infrastructure, and Endpoint scanning tools. Validate findings to identify false positives, duplicates, and non-actionable vulnerabilities. Analyze vulnerabilities based on severity, exploitability, asset criticality, and business impact.
- Risk Assessment & Prioritization: Support risk-based prioritization using CVSS, threat intelligence, exploit availability, and exposure context. Identify critical and high-risk vulnerabilities requiring immediate remediation. Provide technical input for risk acceptance, exception handling, and compensating controls.
- Remediation Support & Validation: Provide clear, actionable remediation guidance for applications, cloud workloads, operating systems, middleware, containers, and network components. Work closely with Application Owners, Cloud Engineers, Infrastructure, DevOps, and Security teams to explain vulnerabilities and remediation steps. Support remediation validation through re-scans and verification activities.
- Cross-Functional Collaboration: Act as a technical SME supporting Vulnerability Management, AppSec, Cloud Security, SOC, and Infrastructure teams. Participate in remediation review meetings, backlog reduction initiatives, and POD-based remediation efforts. Support Program Managers and Architects with technical insights and remediation status updates.
- Documentation & Knowledge Management: Develop and maintain remediation runbooks, SOPs, and technical guidance documents. Assist with audit evidence preparation, compliance validation, and management reporting. Contribute to the continuous improvement of vulnerability management processes.
Required Skills & Qualifications:
- Technical Skills: Strong hands-on experience in Vulnerability Management and remediation. Working knowledge of Application Security (SAST, DAST, SCA, API security), Cloud Security (AWS/Azure/GCP vulnerabilities, misconfigurations), and Infrastructure & OS vulnerabilities (Windows, Linux, middleware, databases). Familiarity with vulnerability scanning and security tools (e.g., VM scanners, AppSec tools, CSPM/CNAPP platforms). Understanding of CVSS scoring, exploitability, and threat intelligence.
- Professional Skills: Strong analytical and problem-solving skills. Ability to clearly explain technical vulnerabilities to engineering teams. Experience working in cross-functional, enterprise environments. Strong documentation and communication skills.
Desired / Nice-to-Have:
- Experience supporting large vulnerability backlogs and remediation PODs.
- Exposure to ITSM tools (e.g., ServiceNow) for vulnerability tracking.
- Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS, NIST).
- Security certifications (e.g., CEH, GWAPT, GCPN, AWS Security, OSCP) are a plus.
Special Requirements
Interview Mode: Video. Keywords: access management California Massachusetts.
Compensation & Location
Salary: $130,000 – $170,000 per year (Estimated)
Location: Sunnyvale, CA
Recruiter / Company – Contact Information
Email: .s@quantumworldit.com
Recruiter Notice:
To remove this job posting, please send an email from
.s@quantumworldit.com with the subject:
DELETE_JOB_ID_3617