×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Vulnerability Operations Engineer

Job in Seattle, King County, Washington, 98127, USA
Listing for: Fred Hutchinson Cancer Research Center
Full Time position
Listed on 2026-07-05
Job specializations:
  • Security
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 120931 - 191131 USD Yearly USD 120931.00 191131.00 YEAR
Job Description & How to Apply Below

Overview

Fred Hutchinson Cancer Center is an independent, nonprofit organization providing adult cancer treatment and groundbreaking research focused on cancer and infectious diseases. Based in Seattle, Fred Hutch is the only National Cancer Institute-designated cancer center in Washington.

With a track record of global leadership in bone marrow transplantation, HIV/AIDS prevention, immunotherapy and COVID-19 vaccines, Fred Hutch has earned a reputation as one of the world’s leading cancer, infectious disease and biomedical research centers. Fred Hutch operates eight clinical care sites that provide medical oncology, infusion, radiation, proton therapy and related services, and network affiliations with hospitals in five states.

Together, our fully integrated research and clinical care teams seek to discover new cures to the world’s deadliest diseases and make life beyond cancer a reality.

At Fred Hutch we value collaboration, compassion, determination, excellence, innovation, integrity and respect. Our mission is directly tied to the humanity, dignity and inherent value of each employee, patient, community member and supporter. Our commitment to learning across our differences and similarities make us stronger. We seek employees who bring different and innovative ways of seeing the world and solving problems.

As a senior member of the Information Security Operations team, you will anchor the organization’s Vulnerability Operations (Vuln Ops) practice, serving as a subject matter expert who owns the discover, prioritize, remediate, and validate loop end to end. You will drive risk-based exposure management, mentor junior team members, and shape how Fred Hutch identifies, assesses, and orchestrates the remediation of vulnerabilities across a complex hybrid estate.

We are looking for a Vulnerability Operations Engineer to mature our exposure management program beyond scan-and-patch toward exploitability-in-context prioritization.

Reporting to the Director of Information Security Engineering & Operations, you will scope and run scanning across cloud and on-premises assets, validate and triage findings, separate noise from materially risky exposure, and translate results into clear, owner-assigned remediation that actually gets fixed. You will partner closely with Fred Hutch architecture, development, systems engineering, and network engineering teams to embed vulnerability checks into their workflows, build automation that scales the program, and raise our level of compliance with information security standards.

If this sounds like you, come help Fred Hutch in the fight against cancer and infectious disease by reducing the attack surface that protects our research and our patients!

This role will have the opportunity to work partially at our campus and remotely.

Evening and/or weekend work may occasionally be required.

Responsibilities
  • Own the vulnerability management lifecycle end to end—asset scoping, scanning, validation, triage, and remediation tracking—across cloud, on-premises, and hybrid environments.
  • Lead risk-based, exploitability-in-context prioritization that separates noise from materially risky exposure, combining CVSS with EPSS, CISA KEV, and vendor advisories along with asset and reachability context, rather than ranking by raw score alone.
  • Interpret scan results at scale: filter false positives, correlate findings with exploitability and active threat intelligence, and translate them into clear, prioritized tickets with named owners and actionable remediation guidance.
  • Build, tune, and maintain the exposure management toolchain—evaluating and integrating vulnerability scanners, attack-surface and asset-graph tooling, and exposure management platforms for operational fit.
  • Design and run remediation orchestration: set patch SLAs by risk tier, drive remediation campaigns (for example, end-of-life asset cleanup and TLS/certificate uplift), and keep multiple remediation streams moving across the teams that own the fix.
  • Develop and maintain automation and scripting (Python, Power Shell, Bash) to de-duplicate findings, enrich them with CMDB and asset data, and push outputs into ticketing and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary