Skip to content
NasuniNasuniUnited States

Security Engineer II - Cloud & Vulnerability Management

Security Engineer II focused on vulnerability management, asset visibility, and cloud security across AWS, Azure, and GCP. Owns vulnerability lifecycle processes using Wiz and Rapid7, drives remediation with engineering teams, and supports incident response.

Salary not listed
Remote3+ YOESecurity Engineering

About the role

Asset & Vulnerability Management

  • Own day-to-day execution of vulnerability management processes and tooling across cloud infrastructure (Wiz), on-premises and network assets (Rapid7), while contributing to ongoing program improvements.
  • Support the maintenance of a current, accurate asset inventory across cloud workloads, physical infrastructure, network devices, and employee endpoints.
  • Manage the full vulnerability lifecycle, including identification, triage, prioritization, remediation coordination, and validation.
  • Partner with Engineering, SRE, and IT/Infrastructure teams to drive remediation activities.
  • Produce clear, actionable vulnerability reporting for Engineering and IT/Infrastructure stakeholders and security leadership.
  • Track remediation SLAs, identify patterns in recurring weaknesses, and recommend systemic improvements to reduce exposure.
  • Contribute to patch management coordination efforts and support secure configuration baseline reviews across key asset classes.
  • Maintain visibility and inventory accuracy across cloud, endpoint, network, and infrastructure assets in partnership with IT/Infrastructure teams.

Cloud and Infrastructure Security

  • Monitor cloud security posture via Wiz across AWS, Azure, and GCP environments — identifying misconfigurations, high-risk exposures, and policy violations.
  • Support secure configuration of cloud workloads, network controls, IAM, and infrastructure components in collaboration with engineering and SRE teams.
  • Identify and escalate configuration drift, excessive permissions, and security gaps in cloud infrastructure.
  • Provide security input on infrastructure changes and support security reviews as needed.

Incident Response

  • Support security incidents where infrastructure, asset, or vulnerability context is needed.
  • Independently manage and investigate moderate-severity security incidents within your domain; conduct root cause analysis and contribute to post-incident reviews.
  • Maintain and improve documentation and runbooks for asset, vulnerability, and endpoint-related incident response procedures.
  • Support additional incident response efforts as needed.

Compliance and Documentation

  • Support internal and external evidence collection and control documentation for within your areas of ownership.
  • Maintain accurate records of scanning activity, remediation outcomes, and asset coverage for audit readiness.
  • Contribute to security awareness initiatives and help communicate security expectations around patch and configuration hygiene to engineering teams.

Growth and Collaboration

  • Share knowledge and support team development through collaboration and peer guidance.
  • Identify operational gaps and recommend practical improvements to strengthen security posture and program effectiveness.
  • Leverage AI-assisted tools to improve security analysis, vulnerability triage, reporting, and operational workflows while validating outputs and maintaining accountability for decisions.

What You Will Bring

Experience

  • 3–6 years of experience in security engineering, cloud security, vulnerability management, or a closely related role.
  • Hands-on experience managing vulnerability scanning or asset management programs in a cloud or hybrid environment.
  • Experience coordinating remediation efforts across Engineering, Infrastructure and/or IT teams.
  • Experience prioritizing vulnerabilities using risk-based methodologies and business context.
  • Experience using AI-enabled tools to improve operational efficiency, analysis, investigation, or reporting while applying appropriate validation and security controls.

Skills

  • Experience with cloud security platforms, ideally including Wiz or a comparable CSPM tool; familiarity with AWS, Azure, or GCP security fundamentals.
  • Hands-on experience with vulnerability management tools such as Rapid7 InsightVM, Qualys, Tenable, or equivalent.
  • Working knowledge of network protocols, network security fundamentals, and infrastructure security concepts (TCP/IP, firewall logic, segmentation).
  • Familiarity with secure configuration standards such as CIS Benchmarks and common vulnerability frameworks (CVSS, CVE).
  • Strong written and verbal communication skills. Able to translate vulnerability findings into clear, prioritized guidance for cross-functional partners.
  • Ownership mindset: you follow through on commitments, track your own work, and raise blockers early.
  • Collaborative and reliable partner across engineering, IT/infrastructure, and security teams.

Education and Certifications

  • Bachelor's degree in Information Security, Computer Science, or a related field; or equivalent practical experience.
  • Certifications preferred: CompTIA Security+, AWS Security Specialty, CySA+, or equivalent.

Skills

WizRapid7 InsightvmAWSAzureGCPQualysTenableCvssCveCis Benchmarks
Forus

Security Program Manager

ForusNew York, NY

Own end-to-end compliance programs (SOC 2, HIPAA, HITRUST), build customer trust function, implement automation, and partner with engineering on controls for a healthcare AI platform handling protected health information.

Salary not listed
On-site4+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k/yr
HybridSecurity Engineering
Zocdoc

Application Security Engineer

ZocdocUnited States

Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.

100k – 140k/yr
RemoteSecurity Engineering
Cloudflare

Detection & Mitigation Engineer

CloudflareUnited States

Security Detections Engineer identifying attacker TTPs, building real-time detections, and mitigating threats/abuse across Cloudflare's global platform using data analysis, SQL, scripting, and threat intelligence. Requires strong analytical and communication skills.

Salary not listed
HybridSecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k/yr
On-site3+ YOESecurity Engineering