Vulnerability Management Jobs

Lead and grow an engineering team focused on Software Composition Analysis at Semgrep, delivering impactful developer-facing security features that reduce noise and surface critical dependency vulnerabilities.

Senior Cloud Security Engineer needed to design and operate cloud security controls, lead incident response, and drive security best practices across a growing SaaS organization.

Experienced ISSM needed to lead program-level information assurance and security authorization efforts for DoD-focused systems in Annapolis Junction, MD.

RxSense is hiring a Vulnerability Analyst to drive vulnerability management, support SOC operations, and collaborate with engineering teams to secure critical healthcare platforms in a hybrid US role.

Experienced ISSO needed to lead RMF/DIACAP assessments, prepare ATO packages, and provide security oversight for Department of Commerce systems at the Herbert Hoover Building.

CyberOne is hiring a Territory Account Manager in the Plano, TX area to drive cybersecurity sales, manage client relationships, and close opportunities across a defined territory.

Chainguard is hiring a Senior Software Engineer (Sustaining) to own vulnerability triage, Linux package and container image maintenance, and automation across a remote-first engineering team.

Saronic is seeking a hands-on Corporate Security Engineer to build and automate enterprise security controls, integrate identity and endpoint platforms, and drive security infrastructure as code in support of a growing defense-autonomy company.

Mid-level Cybersecurity Engineer needed to support DevSecOps and client cybersecurity teams by implementing RMF-aligned controls, STIG compliance, and container security governance for DoD environments.

TherapyNotes is hiring a Senior Cloud Security Engineer to lead cloud and hybrid environment security, incident response, and secure engineering practices for its behavioral health SaaS platform.

Modivcare is seeking an experienced Security Operations Analyst II to design and tune monitoring/alerting, triage security events, and maintain operational security dashboards in a remote capacity.

PGTEK seeks an onsite Cyber Security Engineer with an active Top Secret clearance to enforce DoD cyber policies and secure hybrid cloud and on-premises systems at Langley AFB.

Coupa is hiring a senior Enterprise Security Architect to lead design and implementation of secure architectures, risk assessments, and fraud prevention across cloud and enterprise systems.

Rula seeks a Sr. Application Security Engineer to lead application security efforts across its remote-first mental health platform, protecting patient data and improving development security practices.

RapidScale (Cox) is hiring a Cybersecurity Analyst I to support security monitoring, incident triage, and documentation in a hybrid role based in Raleigh.

CalAmp is hiring an Information Security Analyst to support SOC operations, vulnerability management, and compliance activities for its connected intelligence platform.

Lead the design and implementation of vulnerability management and security engineering solutions at Visa to protect critical payment systems used worldwide.

Acuity seeks an experienced Information Assurance Analyst/Engineer to author NIST RMF artifacts and support cloud security authorization and continuous monitoring for federal systems.

USC seeks an Attack Surface Management Analyst to monitor and reduce risk across campus digital assets—combining vulnerability assessment, ASM tooling, and cross-team remediation to protect on-prem, cloud, OT and application environments.

Contribute to GLS's enterprise security posture as an entry-level IT Security Analyst responsible for monitoring threats, maintaining security systems, and supporting incident response and risk mitigation.

Avint is hiring a senior Cybersecurity SME with an active Top Secret clearance to lead RMF/A&A efforts, advise leadership, and manage cybersecurity posture for DoD-affiliated systems.

DMV IT Service seeks a certified Senior SailPoint Engineer to manage and improve SailPoint IdentityIQ for DOT, enforcing DHS CISA compliance and supporting mission-critical IAM operations.

AnaVation is hiring an Information Assurance Specialist to drive A&A activities, manage XACTA records, and implement RMF-based security controls for classified mission systems.

Celsius Holdings seeks a Cybersecurity Analyst to strengthen threat detection, incident response, and compliance across its IT environment.

Nelnet is hiring a Cyber Security Engineer to strengthen application security through automation, testing, developer collaboration, and implementation of security tools across the organization.

Experienced cybersecurity professional needed to manage and operationalize a federal High Value Asset program, ensuring compliance with OMB/DHS directives and NIST frameworks.

Lead the access attestation and IAM strategy for a major financial institution, partnering with senior stakeholders to ensure robust, compliant access controls.

Lumin Digital is hiring a Cyber Security Engineer to safeguard its cloud-native digital banking platform through threat detection, control implementation, and incident response.

Inclusive & Diverse

Empathetic

Collaboration over Competition

Growth & Learning

Transparent & Candid

Mastercard is hiring an Information Security Engineering Intern for Summer 2026 in Arlington to gain hands-on cybersecurity experience supporting monitoring, vulnerability management, and secure architecture work.

Lead and grow a cross-functional security engineering team to manage enterprise security technologies, vulnerability programs, and operational security across IT and OT in a hybrid Pittsburgh role.

Vapi is hiring a Security Engineer to lead and scale its InfoSec program, ensuring enterprise-grade security and compliance for a fast-growing voice AI platform.

Lead firmware vulnerability management and secure firmware development for UEFI/BIOS, BMC and MCU systems at OnLogic, supporting industrial computer products from identification through mitigation and validation.

Lead cloud and product security at Antimetal by building secure-by-default architectures, CI/CD guardrails, and real-time detection and response capabilities at our New York office.

Experienced Application Security Engineer needed to drive AppSec integration across development and cloud platforms while performing assessments, secure code reviews, and automation for a fast-moving SaaS environment.

The Walt Disney Company's Global Information Security team seeks an Associate Security Specialist to support cyber remediation, reporting, and cross-team collaboration for the Disney Entertainment portfolio.

9th Way Insignia seeks a Security Analyst (L2) to support VA CCSS 2.0 by executing vulnerability assessments, ATO support, compliance monitoring, and remediation coordination under federal cybersecurity frameworks.

Draper seeks an experienced ISSO 2 to support RMF-based continuous monitoring, authorization, and security operations for classified information systems at its Cambridge R&D facility.

Lead cloud security architecture, program assessments, and client engagements as Manager - Cloud & Cybersecurity at a rapidly growing advisory firm.

SecurityScorecard seeks a Vendor Risk Advisor to analyze vendor security findings, advise customers and vendors on remediation, and support the MAX vendor risk management service.

Lead offensive security testing and vulnerability management at FNBO, advising teams on secure design and remediation to strengthen enterprise security and compliance.

EXPANSIA is hiring a Cybersecurity Engineer and Compliance Lead in Dayton, OH to guide RMF compliance, implement security controls, and sustain ATOs for DoD systems using DevSecOps and cloud-native practices.

Experienced security engineer needed to architect and operate defenses across cloud and enterprise environments for a growth-minded industrial automation software company.

Senior Cybersecurity Analyst needed to lead RMF/A&A, vulnerability management, and DISA compliance for AFOSI networks at Quantico under a cleared contractor role.

Scientific Research Corporation is hiring a Cyber Security Analyst III to design, implement, and maintain DoD-compliant cybersecurity controls and lead vulnerability and authorization efforts in support of mission-critical systems.

Maverc is hiring an Information Systems Security Officer to lead RMF compliance, SSP lifecycle management, and Zero Trust implementation across mission-critical systems.

Lead the design and delivery of Logos' end-to-end security architecture for space and ground networks, driving product-level security, threat modeling, and implementation across the system.

Inclusive & Diverse

Empathetic

Collaboration over Competition

Growth & Learning

Transparent & Candid

Mission Driven

Startup Mindset

Customer-Centric

Paid Time-Off

Medical Insurance

Dental Insurance

Vision Insurance

Maternity Leave

Paternity Leave

Child Care stipend

401K Matching

Employee Resource Groups

Education Stipend

Fully Distributed

WFH Reimbursements

CaptivateIQ is seeking a Senior Security Engineer (Cloud & Platform Security) to harden and scale the security foundation of its AWS-based SaaS platform while enabling secure, fast delivery.

Millennium Corporation seeks an experienced Systems Security Engineer to secure SCIF and cloud/hybrid environments for DoD-focused programs in Annapolis Junction, MD.

CFGI is hiring a Director of Cybersecurity to lead client advisory engagements in risk, compliance, governance, and third-party risk management, with a strong focus on EU/German data privacy and cybersecurity regulations.

Lead the strategy and execution of product security and resilience at Dun & Bradstreet, embedding secure-by-design principles across engineering and driving cross-functional adoption.