Vulnerability Management Jobs

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division, focusing on integrating security by design into the product lifecycle. The position requires collaboration with engineering groups to establish and refine security processes, serve as a subject matter expert on cyber risks, and manage pre-market and post-market compliance activities including threat modeling and vulnerability management. The role appeals to candidates seeking to directly impact patient safety while working in a collaborative, patient-first culture. The position is based in Danvers, Massachusetts or Raritan, New Jersey, with a hybrid work arrangement requiring office presence at least three days per week.

The IT Infrastructure & Operations Bureau Chief leads the Montana Department of Transportation's three-tiered IT support structure, overseeing customer service, endpoint management, and server network operations. Key responsibilities include developing strategic plans, managing complex technology projects, supervising staff, and handling vendor contracts. This senior leadership role offers the appeal of a public service mission with a strong work-life balance culture, potential hybrid remote flexibility, and comprehensive benefits including health insurance and retirement plans. The position requires a background investigation and involves reporting directly to the ISD Division Administrator.

This Principal Product Security Engineer role resides within the Technology Enterprise Strategy & Security team at Johnson & Johnson, focusing on securing medical device products. The position involves partnering with engineering groups to embed security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include creating and refining security processes, acting as a subject matter expert on cyber threats, and delivering critical documentation for regulatory compliance such as SOC2 and ISO 27001. The opportunity is appealing for its chance to directly impact patient safety while shaping industry standards in a Patient First culture. The role is based in Danvers, MA or Raritan, NJ, with a hybrid work arrangement requiring office presence three days per week.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division, focusing on integrating security by design into the product lifecycle. The position requires partnering with engineering groups to enforce security policies, develop risk management documentation, and guide teams through pre-market and post-market compliance activities. Key responsibilities include creating security processes, acting as a subject matter expert on cyber threats, and supporting certifications such as SOC2 and ISO 27001. The role is based in Danvers, MA, with a hybrid schedule requiring three days in the office, though remote options may be considered. The position appeals to candidates seeking to impact patient safety directly within a collaborative, patient-first culture while shaping industry standards for medical device security.

This Principal Product Security Engineer role is part of the Technology Enterprise Strategy & Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design into the product development lifecycle, partnering with engineering groups to ensure adherence to security policies and regulatory standards. Key responsibilities include creating and improving security processes, acting as a subject matter expert on cyber security matters, and delivering critical documentation for pre-market activities and compliance certifications such as SOC2 and ISO 27001. The role appeals to candidates seeking to directly impact patient lives through innovative security solutions in a regulated environment. The position is based in Danvers, MA, with a hybrid work arrangement requiring office presence three days per week, though remote options may be considered on a case-by-case basis.

The Operational Technology Security Engineer role supports a government contractor team delivering strategic IT services to Defense and Federal customers. The position focuses on securing industrial environments by integrating OT processes with information systems, managing vulnerabilities, and implementing risk mitigation strategies. Key responsibilities include analyzing security requirements across the system lifecycle, configuring secure network architectures, and developing incident response plans for SCADA and ICS systems. This opportunity appeals to professionals seeking to apply specialized OT cybersecurity expertise in a mission-critical setting. The role requires a Secret clearance and offers a dynamic environment for those who thrive on solving complex security challenges with minimal supervision.

This Director, Information Security Officer role leads cybersecurity strategy and operations for a key line of business within Capital One's Information Security Office. The position involves building and mentoring a team of security professionals to deliver product advisory services, manage cyber risks, and integrate security into modern cloud and data ecosystems. Key responsibilities include developing tailored security strategies, overseeing threat and vulnerability management, and advising executive leadership on risk-based initiatives. The role is appealing for its opportunity to drive innovation in a dynamic financial technology environment, work with cutting-edge technologies like Generative AI and Zero Trust, and foster a culture where security acts as a business enabler rather than a compliance hurdle.

This Mid/Sr System Administrator role within Leidos' Intel Sector supports a complex, geographically distributed network environment focused on national security. The position involves installing and maintaining Windows and Linux servers, managing Active Directory configurations, and performing security hardening in high-assurance environments. Key responsibilities include optimizing system performance, managing vulnerability assessments, patching, and documenting infrastructure for incident resolution. The role appeals to candidates seeking to work on cutting-edge cybersecurity and signals intelligence projects with a team that values professional growth and technical upskilling. The position requires a Top Secret clearance with polygraph and offers flexible scheduling options alongside a collaborative culture dedicated to mission-critical innovation.

The Information Systems Security Officer role serves as a dual technical architect and compliance steward within the OIM department, bridging cybersecurity architecture with federal governance. Key responsibilities include designing secure-by-design systems, managing the Assessment and Authorization process, and overseeing continuous monitoring of security controls across diverse information systems. The position requires leading risk assessments, maintaining Plans of Action and Milestones, and ensuring strict adherence to NIST and DOE federal mandates. This opportunity appeals to professionals seeking to shape enterprise security strategy while working in a collaborative environment that values resilience and mission-critical protection. The role involves close collaboration with cross-functional teams and offers the chance to influence security culture through training and policy development.

The Lead Cloud AI Platforms Engineer role is a full-time position within Hilton's in-house Technology team, supporting the Cloud Engineering department. Based in Memphis, McLean, Dallas, or remotely, the individual acts as a technical expert leading a team to build and automate AI and machine learning infrastructure on AWS. Key responsibilities include developing LLM applications, managing cloud security and vulnerability management, and utilizing Infrastructure as Code to deploy workloads across hybrid cloud environments. The position appeals to candidates seeking to revolutionize the global hospitality industry while working in an award-winning culture that prioritizes employee wellbeing. The role offers significant growth opportunities, access to extensive travel perks, and a supportive environment recognized as one of the world's best workplaces.

The ACAS Administrator role at CommIT Enterprises supports the design, implementation, and maintenance of Assured Compliance Assessment Solution environments for Department of Defense networks. Key responsibilities include configuring Security Centers and Nessus scanners, ensuring 100% coverage of client assets, standardizing scan configurations, and developing reporting dashboards for leadership and technical staff. The position also involves maintaining operating systems, implementing security standards like STIGs, and creating detailed network diagrams. This opportunity appeals to cybersecurity professionals seeking to work with cutting-edge vulnerability management tools in a collaborative, mission-driven environment. The role is based at a contractor site with minimal travel and requires an active DoD Secret clearance.

This early-career Software Engineer role within Johnson & Johnson's Surgery team focuses on enhancing the cybersecurity of medical products in Santa Clara, California. The position involves designing and implementing software security controls, conducting code and design reviews with a security focus, and performing risk assessments to identify and mitigate vulnerabilities in C++ and Linux-based systems. The role requires collaboration with cross-functional teams to ensure compliance with FDA regulations and quality management processes. This opportunity appeals to candidates passionate about applying cybersecurity expertise to life-saving medical technologies. The position offers a hybrid work arrangement with potential for remote flexibility, opportunities for professional growth in a regulated environment, and a collaborative culture dedicated to innovation in healthcare.

The Application Security Engineer role at Bright Vision Technologies involves embedding security practices throughout the software development lifecycle to protect scalable business applications. Key responsibilities include conducting threat modeling, performing manual code reviews, operating security tooling within CI/CD pipelines, and leading red-team exercises to identify and remediate vulnerabilities. The position offers a fully remote work arrangement within a direct W2 employment structure, providing significant career growth potential in a collaborative environment that values innovation and technical excellence.

This early-career Software Engineer role within Johnson & Johnson's Surgery team focuses on enhancing the cybersecurity of medical products in Santa Clara, California. The position involves designing and implementing software security controls, defining cybersecurity requirements, and conducting code and design reviews with a security focus. Key responsibilities include performing risk assessments to identify vulnerabilities, developing mitigation strategies, and writing C++ and bash scripts in a regulated environment. The role offers the appeal of contributing to life-saving surgical innovations while working in a collaborative, cross-functional setting. Although primarily onsite, remote work options may be considered on a case-by-case basis, and the position includes limited travel opportunities.

This early-career Software Engineer role within Johnson & Johnson's Surgery division focuses on enhancing the cybersecurity of medical products. The position involves designing and implementing security controls, performing code and design reviews with a security focus, and conducting risk assessments to identify and mitigate software vulnerabilities. Candidates will develop C++ applications in a Linux environment while collaborating with cross-functional teams to ensure compliance with FDA regulations. The role offers the opportunity to contribute to life-saving surgical technologies in a mission-driven culture. While primarily based in Santa Clara, California, remote work options may be considered on a case-by-case basis, and occasional travel is required.

This early-career Software Engineer role within Johnson & Johnson's Surgery team focuses on enhancing the cybersecurity of medical products in Santa Clara, California. The position involves designing and implementing software security controls, defining cybersecurity requirements, and conducting code reviews with a security focus. Key responsibilities include performing risk assessments to identify vulnerabilities, developing mitigation strategies, and building C++ applications in a regulated environment. The role offers the appeal of contributing to life-saving surgical technologies while working in a collaborative, cross-functional setting. Although primarily onsite, remote work options may be considered on a case-by-case basis, and the position includes limited travel requirements.

This early-career Software Engineer role within Johnson & Johnson's Surgery team focuses on enhancing the cybersecurity of medical products in Santa Clara, California. The position involves designing and implementing security controls, conducting code and design reviews with a security focus, and performing risk assessments to identify and mitigate software vulnerabilities. Key responsibilities include developing C++ applications in a Linux environment and collaborating with cross-functional teams to ensure compliance with FDA regulations. The role appeals to candidates passionate about applying technology to improve patient outcomes through smarter surgical solutions. While primarily onsite, remote work options may be considered on a case-by-case basis, and the position offers opportunities for professional growth within a mission-driven healthcare innovation environment.

The Senior Systems Engineer role supports a mission-critical analytics platform within a premier national security solutions firm. The position focuses on administering Linux-based high-performance computing environments, managing workload scheduling, and utilizing automation tools like Ansible for system orchestration. Key responsibilities include providing Tier 3 support for complex technical issues, optimizing system performance, and collaborating with data scientists to ensure platform reliability. This opportunity appeals to engineers seeking to work on advanced research initiatives with a focus on security and scalability. The role involves on-call rotations to maintain critical availability and offers a chance to contribute to long-term platform strategy in a collaborative, mission-driven environment.

This early-career Software Engineer role within Johnson & Johnson's Surgery division focuses on enhancing the cybersecurity of medical products. The position involves designing and implementing security controls, conducting code and design reviews with a security focus, and performing risk assessments to identify and mitigate software vulnerabilities. Candidates will develop C++ solutions in a Linux environment while collaborating with cross-functional teams in an FDA-regulated setting. The role offers the opportunity to contribute to life-saving surgical technologies and work on innovative solutions at the intersection of biology and technology. The position is based in Santa Clara, California, with a hybrid work arrangement and requires up to 10% travel.

This early-career Software Engineer role within the Surgery team at Johnson & Johnson focuses on enhancing the cybersecurity of medical products in Santa Clara, California. The position involves designing and implementing software security controls, conducting code and design reviews with a security focus, and performing risk assessments to identify and mitigate vulnerabilities in C++ applications. The role offers the opportunity to work in a collaborative, cross-functional environment where engineers contribute to life-saving surgical technologies. While primarily onsite, remote work options may be considered on a case-by-case basis, and the position includes limited travel. The role appeals to candidates passionate about applying cybersecurity expertise to improve patient outcomes in a regulated, innovative healthcare setting.

This early-career Software Engineer role within Johnson & Johnson's Surgery team focuses on enhancing the cybersecurity of medical products in Santa Clara, California. The position involves designing and implementing security controls, conducting code and design reviews with a security focus, and performing risk assessments to identify and mitigate software vulnerabilities. Key responsibilities include developing C++ applications in a Linux environment and collaborating with cross-functional teams to ensure compliance with FDA regulations. The role appeals to candidates passionate about applying technology to improve patient outcomes through smarter, less invasive surgical solutions. While primarily onsite, remote work options may be considered on a case-by-case basis, and the position offers opportunities for professional growth within a mission-driven healthcare innovation environment.

This early-career Software Engineer role within Johnson & Johnson's Surgery team focuses on enhancing the cybersecurity of medical products in Santa Clara, California. The position involves designing and implementing software security controls, conducting code and design reviews with a security focus, and performing risk assessments to identify and mitigate vulnerabilities in C++ applications. The role offers the opportunity to work in a hybrid environment with cross-functional teams to deliver life-saving technologies in a regulated setting. It is appealing for candidates seeking to apply their technical skills to meaningful healthcare innovations while working in a collaborative culture that values curiosity and professional growth.

The Lead Cloud AI Platforms Engineer role is a full-time position within Hilton's in-house Technology team, supporting the Cloud Engineering department across Memphis, McLean, Dallas, or remotely. The individual serves as a technical lead responsible for architecting AI and ML solutions using AWS services like Bedrock and SageMaker, while managing infrastructure automation through tools such as Terraform and Kubernetes. Key duties include guiding business teams on cloud patterns, ensuring security compliance, and maintaining hybrid cloud operations. The position offers the appeal of working for an award-winning global hospitality leader with a strong culture of employee wellbeing, including significant travel perks and comprehensive support programs. The role involves up to 10% travel and focuses on building cutting-edge technologies that revolutionize the guest experience.

This senior principal cyber software engineering role supports the Sentinel program within Northrop Grumman Defense Systems, located in Huntsville, Colorado Springs, or Roy. The position requires an active Secret clearance and involves leading design review procedures, decomposing requirements for implementation, and providing systems engineering expertise for enterprise-level cybersecurity systems. Key duties include evaluating designs against Department of Defense standards, utilizing model-based engineering tools, and ensuring compliance with industry regulations. The role appeals to candidates seeking to work on revolutionary defense technologies that impact global security. It offers a collaborative culture that values intellectual curiosity and innovation, with opportunities for professional growth and a work arrangement that includes approximately 10% travel.

This full-time Cyber Security Engineer III role supports the IT team at Commerce Bank in safeguarding enterprise systems and ensuring financial data security. Key responsibilities include managing incident response protocols, administering security tools such as SIEM, firewalls, and intrusion detection systems, and proactively hunting for threats across network and cloud environments. The position offers a hybrid work arrangement requiring one day per week in the Kansas City office. The role is appealing due to the company's strong commitment to employee growth, a collaborative culture that values diversity, and opportunities to drive innovation within a stable, 160-year-old financial institution.