Own day-to-day operations of the Tenable platform (e.g., scan configuration, scheduling, coverage monitoring, credentials management, and results troubleshooting).
Lead triage, assignment, and validation of vulnerability remediation tasks across infrastructure and application stakeholders.
Define, maintain, and enforce SLA-based remediation, including escalation and executive reporting for SLA drift.
Integrate Tenable findings and remediation workflows with SCCM, Intune, SOAR, SIEM, and ticketing systems to enable automated assignment, tracking, and validation.
Conduct quarterly reconciliation of Tenable scanner output with CMDB and asset inventories to validate coverage, ownership, and data quality.
Maintain an auditable exception register with documented risk acceptance, compensating controls, approvals, and expiration controls.
Produce VM program metrics and reporting (weekly, monthly, quarterly, and annually), including risk trends, SLA performance, and remediation outcomes.
Run a recurring VM governance cadence (e.g., quarterly working sessions) to review SLA drift, backlog health, scanner coverage, and tool-to-tool integrations.
Support internal audit and regulatory review of the Vulnerability Management program by providing evidence, metrics, and control narratives.
Requirements
5+ years of hands-on experience running an enterprise Vulnerability Management program (process, governance, metrics, and remediation outcomes), not just point-in-time scanning.
Hands-on experience with Tenable, including scan configuration, credentialed scanning, reporting, and troubleshooting.
Deep understanding of vulnerability scoring systems (CVSS), threat intelligence correlation, and risk-based prioritization to drive remediation sequencing.
Experience leading or contributing to patching strategies using SCCM, Intune, or similar tools.
Strong documentation and process improvement skills.
Proven ability to collaborate across technical and non-technical teams.
Benefits
First-class training and development opportunities