Senior Security Operations & Vulnerability Management Engineer

About This Role

Responsibilities

• Own the full lifecycle of vulnerability discovery and remediation, moving beyond "Critical/High" labels to prioritize based on reachability, exploitability-in-the-wild (EPSS/KEV), and the specific context of the environment
• Act as the primary technical point of contact for Engineering and DevOps, explaining the "why" behind a fix, helping teams navigate technical debt, and negotiating remediation timelines that balance security with product velocity
• Use MITRE ATT&CK® to pivot from vulnerability data to proactive hunting, identifying exposure surface and drafting briefs within hours when new Zero-Days emerge
• Build and tune detection logic and design SOAR playbooks to automate ticket routing, asset tagging, and evidence collection
• Act as a Tier 3 escalation point and Incident Commander for major security events, leading deep dives after incidents to ensure root causes are addressed in the TVM roadmap
• Develop and report on KPIs that matter to executive leadership, such as Mean Time to Remediation (MTTR) for exploited flaws and burn-down rates on mission-critical assets

Requirements

• 5–7+ years in SecOps and Threat & Vulnerability Management (TVM)
• Deep, hands-on experience with enterprise-grade scanners (Qualys, Tenable, or Rapid7) and the ability to integrate them into CI/CD pipelines and cloud workflows
• Fluency in AWS/Azure/GCP security and understanding of container image scanning versus VM scanning
• Proficiency in Python, PowerShell, or SQL to pull data from APIs and identify meaningful outliers
• Ability to explain vulnerabilities and exploits to both technical engineers and executive leadership
• Strong command of NIST CSF and MITRE ATT&CK frameworks and their practical application
• Understanding of exploit development and penetration testing methodologies with the ability to identify "low hanging fruit" for attackers
• Professional certifications like CISSP, GCIH, or GEVA (GIAC Enterprise Vulnerability Assessor) highly regarded
• Cloud certifications (CCSP, AWS Security) or degree in Cybersecurity/CS a plus

Benefits & Perks

About SolarWinds

SolarWinds is a prominent provider of observability and IT management software, aimed at helping organizations monitor, analyze, and optimize their IT infrastructure in hybrid and multi-cloud environments. Founded in 1999 in Tulsa, Oklahoma, the company has grown significantly, relocating its headquarters to Austin, Texas, and expanding internationally. The company offers a comprehensive suite of IT management solutions, including network management, systems and database monitoring, application performance monitoring, and IT service management. Their SolarWinds Platform integrates these solutions to enhance performance, reliability, and security for enterprises. With over 300,000 customers worldwide, SolarWinds serves a diverse range of businesses, from small and mid-sized companies to large enterprises. The company also fosters a strong user community through THWACK®, which has nearly 200,000 members.