×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Vulnerability Management Engineer; Security

Job in McLean, Fairfax County, Virginia, USA
Listing for: Ntiva
Full Time position
Listed on 2026-06-27
Job specializations:
  • Engineering
    Cybersecurity
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below
Position: Vulnerability Management Engineer (Security)

Security Engineer (Senior Level)

Are you looking for limitless career opportunities with a company that values growth, innovation, and teamwork? At Ntiva, we're more than a Managed Services Provider, we're a community dedicated to helping each other, our clients, and their businesses thrive both personally and professionally. Ntiva is a culture of people who are passionate about the work…and each other.

Our clients view us as an essential part of their teams, relying on us for strategic guidance, fast solutions to complex challenges, and proactive support. With strategic locations across the U.S. and leadership from our founder, Steven Freidkin, we're on the front lines of a fast-paced industry, facing cybersecurity threats and rapid technology changes together.

If you thrive in a dynamic, supportive environment and enjoy going above and beyond, we'd love to meet you. Come explore one of our many opportunities and grow with us!

The scope and responsibilities of this position are accurately represented. Title alignment is still being finalized and reflects the closest match to the role.

How you'll make an impact

As a Senior Security Engineer, you serve as the senior technical advisor for high-risk security remediation, planned security infrastructure changes, and limited post containment recovery for Gov Con clients. You are responsible for performing risk based technical analysis, sequencing recommendations, and clearly defining change guardrails that protect system stability, compliance posture, and service margins.

This role owns engineering judgment and technical recommendations, not just implementation. You are expected to identify unsafe or insufficiently defined work, recommend delays when requirements are not met, and ensure all changes include clear success, validation, and rollback criteria.

Location and work expectations

  • This is a hybrid
    -remote role with approximately 5% on-site work at client sites throughout the US if needed. The specific allocation of remote versus onsite requirements may fluctuate based on business needs.
  • This role also includes participation in a rotating on-call schedule.

What you will be doing

  • Provide senior level technical recommendations and execution guidance for high-risk remediation and availability impacting security changes.
  • Analyze and recommend change sequencing, blast radius reduction strategies, rollback feasibility, and validation requirements.
  • Require defined success criteria and rollback plans prior to execution; formally recommend delay or redesign when requirements are insufficient.
  • Execute approved proactive security remediation requiring advanced engineering judgment or infrastructure changes.
  • Perform approved, availability impacting security changes including firewall, firmware, and network security updates.
  • Implement configuration hardening and security control changes across servers, endpoints, and network infrastructure.
  • Serve as the senior technical lead for post containment recovery, guiding environments back to a validated steady state following MSSP/SOC containment.
  • Coordinate technical recovery activities across company stakeholders, and third-party vendors to prevent uncontrolled rebuild work.
  • Validate remediation outcomes against defined technical success criteria and confirm verified closure of findings.
  • High‑impact and high‑risk remediation requiring senior engineering analysis and judgment.
  • Planned firewall, firmware, and infrastructure security updates on an approved cadence.
  • Availability‑impacting security changes executed with defined rollback and validation steps.
  • Post‑containment recovery technical leadership for:
    • Business Email Compromise (BEC)
    • Malware mitigation/removal (non‑ransomware)
    • Foreign or impossible login events (nonforensic)
  • EDR agent deployment, health monitoring, and lifecycle management across all endpoints and servers
  • EDR Policy configuration, tuning, and optimization aligned to Gov Con risk profiles
  • Implementation, and maintenance of web filtering security policies
  • Review and investigation of web filtering security events
  • Review and actioning of MDR threat intelligence and recommendations to enhance client environments
  • Participation…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search