Fanatics

Vulnerability Management Engineer

Fanatics

full-time

Posted on:

Location Type: Hybrid

Location: Hyderabad • 🇮🇳 India

Visit company website
AI Apply
Apply

Job Level

JuniorMid-Level

Tech Stack

AWSAzureCloudCyber SecurityDockerGoogle Cloud PlatformJamfKubernetesLinuxUnix

About the role

  • Manage vulnerability programs for IT assets, containers (e.g., Docker, Kubernetes), and base golden images across operating systems (Windows, Linux, Unix).
  • Conduct regular scans using industry-standard tools.
  • Analyze and prioritize vulnerabilities based on risk, exploitability, and asset criticality.
  • Track and report remediation progress.
  • Collaborate with IT, DevOps, and development teams for timely remediation.
  • Develop policies and remediation plans, including golden image review processes.
  • Support incident response for vulnerability exploits.
  • Assess risks and recommend mitigation strategies.
  • Create executive dashboards on vulnerability and golden image security status.
  • Communicate findings to technical teams and leadership.
  • Maintain accurate vulnerability, asset, and golden image inventories.
  • Stay updated on emerging threats, vulnerabilities, and golden image security best practices.
  • Recommend tools for vulnerability, container, and golden image security management.
  • Support penetration testing, audits, and security training.

Requirements

  • 2+ years in vulnerability management, cybersecurity or related experience.
  • Deep, hands-on expertise with leading vulnerability scanning platforms (Tenable, Qualys, etc.)
  • Assessment of golden image reviews for Windows, Linux, Unix and Containers.
  • Familiarity with network protocols, operating systems, and cloud platforms (AWS, Azure, GCP).
  • Experience with patch and configuration management tools (e.g., Tanium, Intune, SSM, JAMF).
  • Expert understanding of the vulnerability lifecycle, risk assessment, and advanced prioritization techniques (CVSS, EPSS, CWE, CISA KEV).
  • Understanding of frameworks like NIST, OWASP.
  • Familiarity with compliance standards (e.g., PCI DSS, SOX).
  • Knowledge of threat modeling and penetration testing. Familiar with scripting languages.
  • Strong critical thinking and analytical skills
  • Ability to communicate complicated technical issues and risks to programmers, network engineers and managers.
  • Strong project and team-building skills
  • Exceptional communication skills with diverse audiences.
Benefits
  • Health insurance
  • Professional development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
vulnerability managementcybersecurityvulnerability scanningrisk assessmentpatch managementconfiguration managementscripting languagesthreat modelingpenetration testinggolden image review
Soft skills
critical thinkinganalytical skillscommunication skillsproject managementteam-building skills