eRichards Consulting is seeking a Mobile Device Vulnerability Management & Configuration Compliance Engineer for a 15 months+ REMOTE W2 contract. The role involves designing, validating, and operationalizing an automated mobile device vulnerability scanning and configuration compliance capability across enterprise-issued mobile endpoints, while leading proof-of-technology activities and ensuring regulatory compliance.
Responsibilities:
- Define PoT scope, success criteria, and test plans for automated mobile vulnerability scanning (e.g., agent-based/agentless, MDM-integrated, API-driven)
- Evaluate candidate tools for: coverage (OS/app/cert/profile), detection accuracy, scalability, device impact, privacy controls, and reporting fidelity
- Execute pilots across representative device populations validating:
  - vulnerability detection capabilities (OS versions, CVEs, patch levels, risky apps)
  - configuration compliance checks (encryption, jailbreak/root, screen lock, OS hardening)
  - integration readiness (Intune/Workspace ONE/Jamf; SIEM; ITSM; CMDB)
- Produce PoT outcomes: findings, risk analysis, cost/benefit, architecture decision record, and go/no-go recommendation
- Coordinate with InfoSec and Compliance teams to ensure SaaS platform posture aligns with regulatory requirements (NYDFS)
- Build and run mobile vulnerability lifecycle processes: discovery, assessment, prioritization, remediation, validation, reporting
- Establish severity/risk scoring tuned for mobile (exposure, device role, app risk, compliance impact)
- Coordinate remediation with endpoint engineering, mobility admins, app owners, and operations teams
- Validate remediation effectiveness using scanner re-runs, policy compliance, and audit evidence
- Develop, deploy, and continuously improve baseline security configurations for iOS/iPadOS and Android
- Translate requirements into enforceable policies (password/biometrics, encryption, OS update controls, app controls, certificate/profile constraints, VPN/Wi-Fi security, logging settings)
- Implement compliance monitoring and drift detection; drive automated or semi-automated corrective actions
- Build automation scripts and APIs to normalize and enrich findings
- Support change management and communications for new controls impacting device behavior and user experience
- Provide technical guidance and training to operations teams for ongoing support
Requirements:
- Mobile OS security fundamentals: iOS/iPadOS and Android security models, patching, permissions, app ecosystems, jailbreak/root detection concepts
- Vulnerability management expertise: CVE/patch lifecycle, risk-based prioritization, SLAs, validation, metrics
- Configuration compliance: baseline hardening, policy enforcement, continuous compliance monitoring, and drift remediation
- Mobility scanning tool experience (hands-on): Qualys Mobile VMDR, Lookout, Workspace ONE + Microsoft Threat Defense, or equivalent
- MDM experience (hands-on): Microsoft Intune, Omnissa Workspace ONE, Jamf Pro, or equivalent
- Enterprise integration skills: API integration, data normalization, and automation with SIEM/SOAR/ITSM (e.g., Splunk, Sentinel, QRadar; XSOAR, Sentinel SOAR; ServiceNow)
- Identity & access: conditional access concepts, device compliance states, SSO, certificates, MFA, posture-based access controls
- Scripting/automation: PowerShell and/or Python; familiarity with REST APIs, JSON, OAuth, and secrets management
- Security documentation: ability to author PoT plans, architecture diagrams, operational runbooks, and audit evidence
- Excellent documentation and stakeholder management skills
- Strong analytical and problem-solving skills
- Excellent communication and stakeholder management skills; experience presenting PoT results and recommendations
- Ability to work independently and across multifunctional teams
- Detail-oriented with a focus on process improvement and operational excellence
- Ability to manage multiple workstreams (pilot + integration + operations) with minimal supervision
- Familiarity with NIST, CIS Benchmarks, DISA STIG (mobile), ISO 27001 control mapping, or similar frameworks
- Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or equivalent practical experience