Threat Detection and Vulnerability Management Cybersecurity Engineer

InquisIT

$100K — $130K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, or related field with 8+ years of experience in cybersecurity engineering, or 12+ years without a degree.
  • Proven experience managing the full lifecycle of vulnerability management, from discovery through continuous monitoring.
  • Hands-on experience with security controls implementation using NIST RMF, NIST 800-53, DISA STIGs, or similar frameworks.
  • Familiarity with vulnerability assessment tools such as Tenable, Nessus, Qualys, or Rapid7.
  • Experience in threat detection, hunting, and monitoring using SIEM and endpoint platforms.
  • Knowledge in conducting penetration testing and security assessments.
  • Strong analytical and communication skills for disruptive technical information.

Responsibilities

  • Manage the complete vulnerability management lifecycle across enterprise systems.
  • Lead and conduct penetration testing on applications, infrastructure, and cloud environments.
  • Perform both credentialed and non-credentialed vulnerability assessments using leading technologies.
  • Collaborate with technical teams to implement remediation measures and enhance security posture.
  • Automate processes for vulnerability management and compliance validation to boost operational efficiency.
  • Engage in proactive threat hunting and incident response using advanced security tools.
  • Document technical procedures and maintain security compliance artifacts to support audit readiness.

Benefits

  • Opportunity to work in a critical role enhancing cybersecurity posture.
  • Hands-on involvement in cutting-edge security technologies and methodologies.
  • Collaborative work environment with various technical teams.
  • Participation in significant threat detection and vulnerability management exercises.
Full Job Description
POSITION SUMMARY

We are seeking a hands-on Threat Detection and Vulnerability Management Cybersecurity Engineer to strengthen the organization's cybersecurity posture through proactive threat analysis, penetration testing, security engineering, and enterprise vulnerability management. This role is responsible for managing the full vulnerability lifecycle, from discovery and validation through risk prioritization, remediation, verification, and continuous monitoring, while defending enterprise systems against evolving cyber threats.

The ideal candidate is an experienced security engineer with a proven ability to investigate threats, validate vulnerabilities, implement and verify security controls, and collaborate with technical teams to strengthen enterprise security. This role requires hands-on experience applying NIST RMF, NIST 800-53, DISA STIGs, and other federal cybersecurity frameworks through technical implementation, vulnerability remediation, authorization support, threat hunting, penetration testing, and continuous improvement of security controls.

This is an onsite position based in Washington DC.

Primary Responsibilities
  • Manage the full vulnerability management lifecycle, including discovery, technical validation, risk prioritization, remediation planning, remediation verification, and continuous monitoring across enterprise systems.
  • Lead, perform and support penetration testing activities against applications, infrastructure, cloud environments, and enterprise systems.
  • Perform credentialed and non-credentialed vulnerability assessments using enterprise platforms such as Tenable, Nessus, Qualys, Rapid7, or equivalent technologies.
  • Validate vulnerabilities through technical testing to determine exploitability, verify remediation effectiveness, and reduce organizational risk.
  • Partner with infrastructure, cloud, networking, and application teams to implement corrective actions and strengthen enterprise security.
  • Develop automation and scripting solutions to improve vulnerability management, compliance validation, reporting, and operational efficiency.
  • Perform proactive threat hunting, threat detection, threat analysis, and incident response using SIEM, EDR/XDR, endpoint telemetry, and network security tools.
  • Develop, tune, and maintain detection rules, correlation searches, dashboards, alerts, and monitoring capabilities to improve visibility and reduce false positives.
  • Analyze attacker tactics, techniques, and procedures (TTPs) using MITRE ATT&CK and threat intelligence to strengthen detection and response capabilities.
  • Support incident investigations through technical analysis, root cause determination, containment, and remediation recommendations.
  • Utilize tools such as Burp Suite, Metasploit, Nmap, Kali Linux, or similar security testing platforms to validate vulnerabilities and security controls.
  • Participate in red team, blue team, and purple team exercises to evaluate security posture and improve defensive capabilities.
  • Verify corrective actions by reproducing findings and confirming vulnerabilities have been successfully remediated.
  • Implement, assess, and validate technical security controls in accordance with NIST RMF, NIST 800-53, DISA STIGs, and organizational security requirements.
  • Support Authority to Operate (ATO) activities by providing technical evidence, validating security controls, supporting POA&M development, and verifying corrective actions.
  • Perform continuous monitoring to ensure security controls remain effective throughout the system lifecycle.
  • Develop and maintain technical documentation, standard operating procedures (SOPs), implementation guides, and assessment artifacts supporting operational effectiveness and audit readiness.

Required Experience and Qualifications
  • Bachelor's degree in Cybersecurity, Computer Science or related field and 8+ years of experience in cybersecurity engineering, threat detection, or related field (12+ without degree).
  • Demonstrated experience managing the full vulnerability lifecycle, including vulnerability discovery, validation, remediation, verification, and continuous monitoring.
  • Experience implementing, assessing, and validating security controls using NIST RMF, NIST 800-53, DISA STIGs, or similar federal cybersecurity frameworks.
  • Hands-on experience with vulnerability assessment platforms such as Tenable, Nessus, Qualys, Rapid7, or equivalent technologies.
  • Experience performing threat detection, threat hunting, security monitoring, or detection engineering using enterprise SIEM and endpoint security platforms.
  • Experience supporting or performing penetration testing, vulnerability validation, adversary simulation, or security assessments.
  • Experience administering or securing Windows and Linux enterprise environments.
  • Strong analytical, troubleshooting, written, and verbal communication skills with the ability to communicate technical findings and remediation recommendations to both technical and non-technical stakeholders.

Preferred Skills and Qualifications
  • Experience with CrowdStrike Falcon, Microsoft Defender, Microsoft Sentinel, Elastic (ELK), Splunk, or comparable SIEM/XDR platforms.
  • Experience using Burp Suite, Metasploit, Kali Linux, Nmap, BloodHound, or similar offensive security tools.
  • Experience with MITRE ATT&CK, threat intelligence, adversary emulation, or purple team exercises.
  • Experience securing AWS, Azure, or hybrid cloud environments.
  • Experience automating security tasks using Python, PowerShell, or Bash.
  • Familiarity with Zero Trust architectures and modern identity security concepts.

Core Technical Skills

Threat Hunting • Threat Detection • Detection Engineering • Vulnerability Management • Vulnerability Assessment • Vulnerability Remediation • Penetration Testing • Security Validation • MITRE ATT&CK • NIST RMF • NIST 800-53 • DISA STIGs • Continuous Monitoring • Incident Response • SIEM • EDR/XDR • Splunk • Elastic (ELK) • CrowdStrike Falcon • Microsoft Sentinel • Tenable • Nessus • Qualys • Rapid7 • Burp Suite • Metasploit • Nmap • Kali Linux • Windows Security • Linux Security • AWS Security • Azure Security • PowerShell • Python • Bash • Security Automation • Technical Documentation • ATO Support • POA&M Management

*The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Management reserves the right to modify, add, or remove duties and to assign other duties as necessary.
