This site uses cookies. To find out more, see our Cookies Policy

Lead Vulnerability Engineer in Eagan, MN at Vaco

Date Posted: 6/13/2019

Job Snapshot

Job Description

In this role you will play a pivotal part of the Vulnerability Management team at a fortune 500 data services firm. The ideal candidate for this role will have Qualys certification, VM and PC module expertise, and will have utilized multiple scripting languages for automation. The candidate will perform the following functions in this role:

  • Configure new Qualys platform subscription including deployment of scan appliances and creation of option profiles, asset groups, scan schedules, report templates, and authentication records in both Vulnerability Management (VM) and Policy Compliance (PC) modules.
  • Create run books for scanning and reporting processes developed within VM and PC modules.
  • Support vulnerability scanning operations by administering existing Qualys platform subscription and executing ad hoc scans as needed.
  • Collaborate and contribute to the automation of scanning and reporting processes where possible.
  • Advise cyber security leadership on the latest vulnerability management trends
  • Work with infrastructure teams on prioritizing patching of vulnerable services
  • Weekly review of progress against the above goals, identification of new goals and summary of activity


  • Bachelor's Degree or at least 5 years of Vulnerability Management and/or cyber security experience
  • Experience utilizing vulnerability scanning tools such as Qualys, Tenable Security Center, Nessus, and Fortify
  • Understanding of vulnerability management methodologies and procedures, as well as application and infrastructure vulnerability scanning solutions
  • Familiar with cyber security frame works such as NIST and ISO 27001
  • Experience in maturing vulnerability management programs with a focus on understanding of risk prioritization
  • Understanding of enterprise architecture and infrastructure (e.g., Server, Network, Workstation, Cloud, etc.)
  • Familiarity with patching processes and the systems used such as SCCM
  • Professional oral and written communication skills
  • Experience implementing vulnerability identification solutions for hybrid cloud environments and containers
  • Strong teamwork and interpersonal skills with a focus on problem solving and troubleshooting