RapidVulnerability Management Lead

Role:
Rapid7 Vulnerability Management Lead

Duration: 1+ year

The Rapid7 Vulnerability Management Lead will serve as a critical enabler within the BDSC (Boeing Digital Security Center) organization, driving enterprise-wide vulnerability management operations using the Rapid7 Insight-VM platform. This role is the central coordination hub between Boeing's SOX compliance team and infrastructure operations, ensuring vulnerabilities are identified, prioritized, tracked, and remediated in alignment with Boeing's security standards, regulatory requirements, and organizational risk appetite.

The ideal candidate is a hands-on, detail-oriented security professional who combines deep Rapid7 platform expertise with strong cross-team collaboration skills and the ability to translate vulnerability data into clear, actionable risk insights for both technical teams and leadership.

• Monitor Rapid7 dashboards and reports to identify critical and high-severity vulnerabilities.
• Track vulnerability remediation progress and follow up with infrastructure teams (Windows, Linux, Network, Endpoint).
• Coordinate remediation activities and elevate blockers when required.
• Create and track Corrective Action Plans (CAPs) for vulnerabilities that require formal risk tracking.
• Perform vulnerability trend analysis and track aging vulnerabilities.
• Prepare weekly vulnerability status reports and dashboards for leadership review.
• Work with Rapid7 tool owners to review scan configurations and improve coverage.
• Ensure vulnerability management activities align with Boeing security standards.
• Log in to and manage daily operations within the Rapid7 platform (Insight-VM) including dashboards, reports, and asset views.
• Customize and maintain Rapid7 dashboards and reporting views to improve visibility for security and leadership teams.
• Support scan configuration review, fine-tuning, and coverage validation to ensure accurate vulnerability detection.
• Support asset inventory alignment and cleanup within Rapid7 to ensure accurate scan coverage.
• Identify stale, inactive, or duplicate devices in Rapid7 and coordinate with the tool owner and infrastructure teams for cleanup and asset alignment.
• Collaborate with the Rapid7 tool owner and security teams to improve scan coverage, reporting visibility, and vulnerability tracking effectiveness.
• Vulnerability Exception Handling & False Positive Validation.
• Remediation Projects & Workflow Management in Rapid
  7.
• Ensure appropriate asset onboarding and scan coverage across infrastructure environments.

• Strong hands-on experience with Rapid7 Insight-VM / Rapid7 Vulnerability Management platform.
• Demonstrated experience in vulnerability analysis, remediation coordination, and security reporting.
• Solid knowledge of CVSS scoring, vulnerability lifecycle, and industry-standard remediation practices.
• Proven experience creating and maintaining Rapid7 dashboards, reports, and analytics views.
• Ability to coordinate and collaborate with multiple infrastructure, security, and compliance teams.
• Experience creating and managing Corrective Action Plans (CAPs) and formal risk tracking documentation.
• Familiarity with Boeing security standards or equivalent enterprise-level security governance frameworks.