×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Vulnerability Management Engineer III

Job in West Sacramento, Yolo County, California, 95605, USA
Listing for: Sutter Health
Full Time position
Listed on 2026-07-10
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below

Security Engineer

This role will develop and build security controls, administer security technology solutions to reduce risk and/or ensure rapid delivery of least-privilege access to users. As a level 3 engineer, you will create technical plans and implementation strategies within security to address risk and improve user experience. Applies extensive knowledge of security, risk, and technology to lead the resolution of complex problems.

This role will lead cross collaboration across business and technology teams to find solutions to complex challenges, applying advanced knowledge of the security ecosystem. Proficient at leading all phases of projects, programs and initiatives of diverse scope and complexity. Works and collaborates with others in a lead role based on business need. Duties include, but are not limited to, engineering, analysis, research, testing, and monitoring.

Vulnerability

Management

Own and engineer the enterprise Vulnerability Management platform, including configuration, optimization, coverage strategy, and continuous improvement of asset discovery and authenticated scanning capabilities. Design and maintain end-to-end vulnerability data pipelines, ensuring accuracy, completeness, and normalization of vulnerability findings across infrastructure, endpoints, applications, and cloud assets. Lead integration of vulnerability data into ITIL-aligned enterprise vulnerability reporting and remediation workflows, including automation of ticket creation, routing logic, SLA enforcement, and escalation paths.

Develop and operationalize risk-based prioritization models, correlating vulnerability severity, exploitability, threat intelligence, and asset criticality to drive enterprise remediation focus. Define and deliver executive-level metrics, dashboards, and reporting, including remediation trends, exposure reduction, and program effectiveness, enabling data-driven risk decisions. Act as a senior technical authority for vulnerability lifecycle management, including scan validation, false-positive reduction, coverage gap analysis, and continuous tuning to improve detection fidelity and reduce noise.

Serve as a senior technical advisor to application and engineering teams by translating vulnerability findings into clear, actionable guidance, explaining detection logic, validation methods, and risk context to enable effective and accurate remediation.

Education

Bachelor's:
Business, Cybersecurity, Computer Science, Information Technology/Security, Risk Management, or related field or equivalent education/experience

Typical Experience

9 years recent relevant experience

Preferred Experience
  • Advanced knowledge of enterprise vulnerability management programs, including vulnerability lifecycle management, remediation governance, exception processes, and industry best practices.
  • Expertise administering enterprise vulnerability management platforms, including configuration, optimization, authenticated scanning, asset discovery, exposure management, and continuous improvement of security coverage.
  • Advanced experience with Tenable One, including vulnerability assessment, exposure management, attack surface management, asset inventory management, vulnerability prioritization, reporting, and platform administration.
  • Experience integrating vulnerability management platforms with Service Now Vulnerability Response, including vulnerability ingestion, asset correlation, CMDB reconciliation, workflow automation, remediation tracking, and operational reporting.
  • Advanced understanding of vulnerability frameworks and standards, including CVE, CVSS, CWE, CPE, threat intelligence, exploitability analysis, and threat-informed risk assessment methodologies.
  • Experience leveraging security automation, workflow orchestration, REST APIs, and scripting languages such as Power Shell and Python to improve operational efficiency and scalability.
  • Strong analytical skills with demonstrated experience interpreting large-scale vulnerability data, performing risk quantification, and assessing cybersecurity risks to support effective decision-making.
  • Advanced experience developing cybersecurity metrics, KPIs, KRIs, dashboards, and executive-level reporting, with the ability to communicate complex technical findings and business risk insights to technical and non-technical stakeholders.
  • Experience supporting vulnerability data integration and synchronization between vulnerability management platforms, CMDB systems, and IT service management workflows to improve asset visibility, remediation effectiveness, and enterprise risk reduction.
Skills and Knowledge
  • An understanding of the impact of emerging business and end-user technologies have on information security requirements and architecture.
  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary