×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Technology Vulnerability Management Engineer

Job in Santa Monica, Los Angeles County, California, 90403, USA
Listing for: Cooley LLP
Full Time position
Listed on 2026-01-16
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Job Description & How to Apply Below

Technology Vulnerability Management Engineer

Cooley is seeking a Technology Vulnerability Management Engineer to join the Security team.

Position Summary

Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end, the Technology Vulnerability Management Engineer is expected to recognize that the Cooley Technology department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.

The Technology Vulnerability Management Engineer will lead the full vulnerability management lifecycle across endpoints, servers, applications, containers, and cloud environments. This role owns discovery, validation, risk-based prioritization, and remediation outcomes. The engineer will administer and optimize vulnerability management platforms, automate data flows and reporting, and partner with Technology and Innovation teams to meet SLA targets and reduce enterprise risk. The position will be a balance of hands‑on technical execution, program leadership, and clear communication, while staying current on emerging threats and supporting audits, compliance efforts, and incident response activities.

Specific duties include, but are not limited to, the following:

Position Responsibilities
  • Support the development and continuous optimization of vulnerability management services, including scanning cadence, exception handling, SLAs and alignment with security controls
  • Build and maintain standards, playbooks, and repeatable processes to improve the efficiency and maturity of the vulnerability management program
  • Administer and optimize enterprise vulnerability management platforms (e.g., Tenable/Qualys/Rapid7), ensuring accurate coverage across assets
  • Integrate asset context from CMDB, EDR, and cloud inventory to drive effective risk‑based prioritization
  • Build automation for data ingestion, deduplication, ticketing, and reporting using APIs, scripting, and other tools to improve data quality and reduce false positives
  • Analyze and interpret vulnerability scan results to assess severity, validate findings, and provide actionable remediation recommendations
  • Publish dashboards and reports tailored for engineers, management, and executive leadership to communication progress and risk
  • Drive remediation efforts, including patching, configuration baselines, and compensating controls, and validate results through rescans or attestations
  • Partner with developers, Dev Ops, and other stakeholders to implement "shift-left" practices such as pipeline scanning, container/base-image hygiene, and Infrastructure-as-Code (IaC) hardening
  • Collaborate with cross‑functional teams to implement security solutions and controls that mitigate identified vulnerabilities
  • Support audits, assessments, and regulatory compliance requirements by providing accurate documentation and evidence
  • Identify opportunities for process improvements, tool optimization, and template standardization to increase efficiency and reduce operational overhead
  • Stay current on emerging threats, vulnerabilities, and industry best practices to ensure the program remains effective and modern
  • Contribute to advanced security testing activities such as penetration testing, application reviews and targeted vulnerability assessments as needed
  • Assist with incident response activities by providing vulnerability context, supporting root cause analysis, and helping to validate containment and remediation actions
  • All other duties as assigned or required
Skills and experience

Required:

  • After orientation at Cooley LLP, exhibit proficiency in the Microsoft 365, MECM, Intune, iManage and other firm applications
  • Ability to work extended and/or weekend hours, as required
  • 2+ years of experience in cyber security, vulnerability management, or penetration testing. Senior candidates must have 5+ years' directly applicable experience in the field
  • Strong hands‑on experience conducting vulnerability scans, including configuration and use of tools such as Tenable, Qualys, Rapid7
  • Knowledge of…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search