
Senior Vulnerability Management Engineer – Remote – Enterprise Cybersecurity Strategy & Multi‑Cloud Defense Lead

Remote, USA Full-time Posted 2026-04-09
Why Jobnity Dental Needs Your Expertise

Remotara Dental of California is more than the nation’s most recognized dental insurance provider; we are a technology‑driven organization that safeguards the health data of millions of Americans every day. Our mission is to create brighter smiles while protecting the digital foundations that make those smiles possible. As part of the larger Skillora Dental Plans Association, we serve over 74 million people across the United States. If you thrive in a fast‑moving, mission‑focused environment and want to lead the charge against emerging cyber threats, this is the opportunity you’ve been waiting for.

Position Overview: Senior Vulnerability Management Engineer – Remote

As a Senior Vulnerability Management Engineer on our renowned N‑Day Team, you will own the design, implementation, and continuous improvement of enterprise‑wide vulnerability management programs. This role is fully remote, allowing you to collaborate with cross‑functional security, infrastructure, and development teams from anywhere in the United States (excluding regions listed in the compliance note). You will work with cutting‑edge technologies—cloud containers, multi‑cloud platforms, virtual machines, network devices, and application delivery pipelines—to ensure that every asset is identified, prioritized, and remediated before threat actors can exploit it.

Key Responsibilities

• Strategic Planning & Road‑Mapping: Define multi‑year vulnerability management strategies aligned with Nexspire Dental’s overall security framework and regulatory obligations.
• Program Architecture & Tooling: Lead the selection, configuration, and optimization of vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7) and integrate them with ticketing, CMDB, and SIEM solutions.
• Asset Discovery & Inventory Management: Partner with IT Operations to maintain an accurate, real‑time inventory of servers, containers, network devices, and SaaS applications across on‑prem, hybrid, and multi‑cloud environments.
• Risk Prioritization & Remediation Guidance: Develop risk‑based scoring models, leveraging CVSS, threat intelligence feeds, and business impact analysis to prioritize patches, configuration changes, and code fixes.
• Automation & Orchestration: Build and maintain automated workflows (using Python, PowerShell, or Ansible) that trigger scans, generate reports, and create remediation tickets without manual intervention.
• Metrics, Reporting & Executive Communication: Design dashboards and regular reports for senior leadership, illustrating trends, mean‑time‑to‑remediate (MTTR), and compliance posture.
• Collaboration & Training: Educate development, DevOps, and infrastructure teams on secure coding practices, configuration hardening, and rapid patch deployment.
• Continuous Improvement: Conduct post‑mortems after security incidents, incorporate lessons learned, and refine processes to reduce future risk.
• Regulatory & Compliance Alignment: Ensure vulnerability management activities meet HIPAA, SOC 2, ISO 27001, and state‑specific privacy regulations.
• Mentorship: Coach junior security analysts, provide technical guidance, and foster a culture of proactive security across the organization.

Essential Qualifications

• Minimum 7 years of hands‑on experience in vulnerability management, pen‑testing, or related information security roles, preferably in large, regulated enterprises.
• Demonstrated expertise with industry‑leading scanning tools (e.g., Tenable.sc, Qualys Cloud Platform, Rapid7 InsightVM) and vulnerability databases (NVD, CVE, CCE).
• Deep understanding of operating systems (Windows, Linux, Unix) and network protocols (TCP/IP, DNS, HTTP/S, SNMP) as they relate to security weaknesses.
• Proven experience securing cloud environments (AWS, Azure, GCP) including container orchestration platforms (Kubernetes, Docker) and IaC (Terraform, CloudFormation).
• Strong scripting/programming abilities in at least one language such as Python, PowerShell, Bash, or Go for automation tasks.
• Solid grasp of risk management frameworks (NIST CSF, ISO 27001, FAIR) and ability to translate technical findings into business‑focused risk narratives.
• Excellent written and verbal communication skills, with the capacity to present complex technical information to non‑technical executives.
• Relevant certifications such as CISSP, GIAC GVAP, OSCP, or Certified Ethical Hacker (CEH) are highly preferred.

Preferred Qualifications & Nice‑to‑Have Skills

• Experience with DevSecOps pipelines (Jenkins, GitLab Worklio/CD, Azure DevOps) and integrating security gates into continuous integration/continuous delivery.
• Familiarity with threat‑intel platforms (MISP, Recorded Future) and applying real‑time intel to vulnerability prioritization.
• Knowledge of endpoint detection and response (EDR) tools and how they complement vulnerability management.
• Hands‑on experience with Zero‑Trust Architecture, micro‑segmentation, and software‑defined
