Vulnerability Management & Security Systems Engineer

Role

The Vulnerability Management & Security Systems Engineer is responsible for leading the organization’s vulnerability management lifecycle, with a strong emphasis on risk identification, tracking, and remediation across all environments. This role leverages tools such as Rapid7 and Manage Engine to drive measurable risk reduction and works closely with Information Security, Infrastructure, and Messaging teams to ensure secure, resilient systems. The engineer also provides security-focused systems and network engineering support as needed

Vulnerability Management

• Own and operate the enterprise vulnerability management program using Rapid
  7.
• Conduct regular vulnerability scans across servers, endpoints, network devices, applications, and cloud workloads.
• Analyze and validate scan results, prioritize findings based on risk, exploitability, and business impact.
• Track vulnerabilities through remediation using Rapid7 and other tools, ensuring accountability and timely closure.
• Partner with infrastructure, endpoint, and application teams to perform and/or coordinate remediation efforts.
• Verify remediation through rescanning and documentation.
• Develop metrics, dashboards, and reports to communicate risk posture and remediation progress.
• Support security audits, compliance initiatives, and third‑party risk assessments.

Security Systems & Messaging Engineering

• Provide security-focused engineering and administration for Windows and Linux systems.
• Support Microsoft 365 security and messaging services, including Exchange Online, Defender, and security configurations.
• Assist with patch management, configuration baselines, and system hardening.
• Implement and maintain security controls aligned with organizational standards and best practices.
• Support incident response activities related to vulnerabilities, malware, or system compromise.
• Participate in infrastructure and security improvement projects, including migrations and modernization efforts.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, or equivalent experience.
• 3+ years of experience in vulnerability management, security engineering, or systems engineering.
• Hands‑on experience with Rapid7 vulnerability scanning and reporting.
• Experience using Manage Engine or similar platforms for patching, ticketing, or remediation tracking.
• Strong understanding of Windows, Linux, and Microsoft 365 environments.
• Knowledge of vulnerability scoring (CVSS), threat modeling, and risk‑based prioritization.
• Ability to clearly communicate security risk to both technical and non‑technical audiences.

Preferred Qualifications

• Experience securing Microsoft 365 (Exchange Online, Defender, identity and access controls).
• Experience in cloud or hybrid environments.
• Security certifications such as Security+, CISSP, GIAC, or Microsoft Security certifications.
• Experience supporting regulated or compliance‑driven environments.

Core Competencies

• Risk‑based vulnerability prioritization
• Security‑first systems engineering
• Cross‑functional collaboration
• Strong documentation and reporting skills
• Continuous improvement mindset

This Job Description is not a complete statement of all duties and responsibilities comprising this position.

Southland Credit Union is an Equal Opportunity Employer.

USD $/Yr.

USD $/Yr.