Security Engineer

Piper Companies is seeking a Security Engineer to join a leading cybersecurity organization. The Security Engineer will be responsible for providing strategy, leadership and operational support of vulnerability management processes for clients with regulatory compliance requirements.

Responsibilities of the Security Engineer include:

• Join a highly collaborative security operations team designing and delivering vulnerability management services to Cloud
• Serve as the advisor to the client and our team on all matters related to vulnerability management.
• Collaborate in a cross functional model with infrastructure engineering, site relatability engineering, and client’s success managers to deliver a seamless, holistic experience for client engagements
• Work across a myriad of technology stacks in the leading cloud providers like AWS, Azure, and GCP, embracing their unique client-driven deployments and operational requirements
• Influence the maturity of processes and standards related to vulnerability management activities and propagate through development and maintenance of standard operating procedures, training curriculums, technical documentation, and troubleshooting guideline
• Conduct recurring and on-demand OS/DB, web application, and container scanning activities
• Develop Plan of Action and Milestone (POA&M) reports
• Conduct testing and data reviews to evaluate the effectiveness of current contractual measures
• Communicate with internal management to provide insights into the current risk in client environments and proposed remediation strategies

Qualifications for the Security Engineer include:                                                                                            

• 2+ years of related experience in professional services, vulnerability management, and compliance monitoring
• Skills in web application testing, API testing, and network testing
• Ability to analyze information security vulnerabilities and collaborate with teams for remediation
• Experience developing playbooks, runbooks, and troubleshooting technical issues
• Knowledge of vulnerability scoring systems (CVSS/CMSS)
• Experience with vulnerability scanning tools (e.g., Nessus, Nexpose, Burp Suite)
• Ability to analyze vulnerabilities and adjust risk ratings based on internal factors.
• Familiarity with OS Baseline Configuration standards (e.g., CIS Critical Security Controls Scanning)

Compensation for the Security Engineer includes:

• Salary Range: $90,000 – $115,000
• Full benefits: PTO, Paid Holidays, Cigna Healthcare, Dental, Vision, 401k

Keywords: #LI-RL1 #LI-REMOTE

Piper Companies, security, cyber security, engineer, vulnerability management, Nessus, burp suite, nexpose, compliance, security controls, fedramp, client, network scanning, app scanning, aws, azure, gcp, cloud, vulnerability management, CVSS, CMSS, audit, policies,