Publicado hoy.
Especialista en Manejo de Vulnerabilidad - Cloud Middle - Remoto en Crossbridge
Sueldo oculto
Remoto: Chile, México, Argentina, Bolivia, Colombia, Dominican Republic, Ecuador, El Salvador, Guatemala, Honduras, Nicaragua, Paraguay, Peru, Uruguay
Empleado de tiempo completo
Inglés : Nivel Avanzado
We are looking for a Cloud Vulnerability Management Engineer to support vulnerability management operations across AWS, Azure, and SaaS environments . This is a hands-on role focused on operating enterprise vulnerability management tools, prioritizing risk, and working closely with engineering and security teams to drive remediation.
This is a contractor position with an initial 6-months term , with a strong possibility of extension based on performance and business needs .
Requirements
3+ years of experience in security operations or vulnerability management
Hands-on experience with Tenable, Qualys, or similar vulnerability management platforms in cloud-native environments
Strong knowledge of cloud security principles, especially AWS and Azure services
Familiarity with regulatory and security frameworks such as NIST CSF, SOX, and FRAPRA
Experience prioritizing vulnerabilities using CVSS, EPSS, and CISA KEVs
Strong communication skills, with experience working cross-functionally with Engineering, Infrastructure, and AppSec teams
Ability to clearly present risk findings to both technical teams and executive stakeholders
Ability to pass required background checks
Responsibilities
Lead and support vulnerability management operations across cloud (AWS/Azure) and SaaS environments
Own the configuration, tuning, and operational use of Tenable One or equivalent tools
Prioritize vulnerabilities using threat-based models and real-world risk indicators
Partner with Engineering, Infrastructure, SOC, and AppSec teams to define and track remediation plans
Track remediation SLAs, exceptions, and risk acceptance
Produce vulnerability metrics, trends, and reports for leadership, compliance, and audit purposes (SOX, FRAPRA)
Participate in incident response efforts related to active exploitation or critical vulnerabilities
Develop and maintain SOPs, playbooks, dashboards, and documentation for vulnerability management processes
Correlate vulnerability findings with threat intelligence feeds
Track emerging vulnerabilities (CVEs, zero-days) and assess potential organizational impact
Maintain asset inventory and vulnerability baselines
Support remediation verification, rescanning activities, and annual external penetration tests