Senior Vulnerability Management Engineer - Southwest region (Remote in Southern California)

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Senior Vulnerability Management Engineer – Southwest Region GuidePoint Security is seeking an experienced and passionate security professional to join our Southwest Region. Senior Vulnerability Management engineers are knowledgeable, self-directed engineers who take full ownership of the professional services lifecycle—from pre-sales scoping through delivery and ongoing advisory support. Most importantly, they function as part of a highly collaborative team, invest deeply in customer relationships, and continuously push themselves to learn and master new technologies. This role focuses heavily on enterprise vulnerability management program development, assessment tooling deployment, and risk-based remediation strategy, while also serving as a strategic advisor and escalation point for both customers and internal engineers. Role and Responsibilities

• Implement, configure, tune, and operationalize client vulnerability assessment tools across traditional and cloud environments.
• Assist with the creation, maturation, and enhancement of Vulnerability Management program documentation, workflows, and governance structures.
• Perform Vulnerability Management gap analysis to identify process, tooling, or coverage deficiencies.
• Interpret vulnerability findings and provide clear technical and non-technical risk narratives tailored to various stakeholders.
• Develop remediation strategies, including technical patching paths, hardening recommendations, and compensating controls where necessary.
• Implement and operationalize advanced risk-based VM reporting platforms (e.g., Kenna, Nucleus, Brinqa, Vulcan).
• Design and deploy custom dashboards and reporting views to improve transparency, KPIs, and executive-level VM insights.
• Provide expert advisory guidance on Vulnerability Management best practices and industry standards.
• Serve as project lead on VM engagements and act as an escalation point for other engineers within the practice.
• Assist customers with the use of VM tooling and reporting features, including ServiceNow integration support.
• Collaborate closely with vendor partners to troubleshoot and escalate technical issues.
• Conduct continual self-driven learning to stay ahead of evolving trends, technologies, and threat landscapes.
• Support application security needs when required, including coordinating DAST tooling for dynamic analysis.
• Technical Skills & Knowledge We Are Looking For
• Vulnerability Assessment & Discovery Tools
• Experience with major enterprise scanning platforms such as Qualys, Tenable, Rapid7, with cloud-native platforms such as Wiz, Orca, Prisma Cloud, Aqua, Lacework strongly preferred.
• Experience deploying, tuning, and troubleshooting assessment tools in large, complex, and segmented network environments.
• Risk-Based Prioritization & Reporting Tools
• Hands-on experience with Kenna Security, Nucleus, Brinqa, Vulcan, or similar enterprise reporting tools.
• Scripting & Automation
• Ability to perform basic scripting and automation using PowerShell, Bash, Python, or Perl.
• System & Network Knowledge
• Working knowledge of Windows Server, Windows 10/11, MacOS, RHEL, and Ubuntu Linux, including CLI proficiency.
• Strong understanding of networks, protocols, segmentation, and enterprise architectures.
• Security & Hardening
• Understanding of common vulnerability classes (e.g., OWASP Top 10) and how vulnerabilities are exploited.
• Experience applying and recommending CIS benchmarks, NIST, and other hardening standards.
• Additional Relevant Experience
• Familiarity with tools such as Nessus, Nmap, Burp Suite, Netsparker, WebInspect, Metasploit, Core Impact, etc.
• Experience with enterprise configuration and deployment tools (SSM, JAMF, BigFix, Tanium).
• Understanding of system design, asset management challenges, and VM operational constraints.

Professional Skills

• Strong written and verbal communication skills, with the ability to distill complex data into executive-ready insights.
• Ability to manage multiple projects independently while maintaining strong customer rapport.
• Comfortable acting as a project lead and SME for both customers and internal teammates.
• High degree of motivation, curiosity, and commitment to continuous learning.

Education

• Bachelor’s degree in Computer Science, Engineering, Information Security, Information Systems, or related discipline preferred.

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application.

Why GuidePoint?

GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers. Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks…. Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options) Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans 12 corporate holidays and a Flexible Time Off (FTO) program Healthy mobile phone and home internet allowance Eligibility for retirement plan after 2 months at open enrollment Pet Benefit Option