Apply on Employer Site

Cisco · 2 weeks ago

Senior Vulnerability Management Engineer

Cary, NC

Full-time

Onsite

Senior Level

$164K/yr - $235K/yr

6+ years exp

Cisco is a leading technology company focused on cybersecurity and data insights. The Senior Vulnerability Management Engineer will be responsible for identifying and addressing security risks, providing actionable insights, and improving the company's Vulnerability Management Program through data analysis and collaboration with various teams.

Communications InfrastructureEnterprise SoftwareHardwareSoftware

Growth Opportunities

H1B Sponsor Likely

Responsibilities

Build solutions/capabilities within the scope of Vulnerability Management to further improve Splunk’s Vulnerability Management Program (e.g., automation, data analysis, process development)

Act as SME (subject matter expert) for vulnerability management and processes

Analyze vulnerability data/Identifying trends to perform root-cause analysis

Assist in development of new security standards and baselines

Perform vulnerability assessments and act as a point of contact for engineering teams to drive remediation of security concerns and active incidents

Respond to emerging security events and threats

Triage vulnerabilities to provide company specific severity guidance

Ensure remediation team compliance to regulatory standards

Comfortably lead security discussions, vulnerability assessments, propose and discuss solutions to security tools that are directly related to their area of focus

Develop SOPs, performance metrics, and reporting mechanisms aligned with SLAs and critical metrics

Engage with leadership, customers, and auditors to provide updates, recommendations, and briefings

Qualification

Vulnerability ManagementRisk-based assessmentsVulnerability scanning toolsCloud security architectureData analysisRoot cause analysisSecurity standards developmentCompliance requirements knowledgeAnalytical skillsCommunication skillsProblem-solving skillsProject leadershipCollaboration

Required

Bachelor's degree with 8+ years of experience in a vulnerability management engineering or information security capacity or Master's degree with 6+ years of experience; or PhD with 5+ years of related experience

Must have experience with risk-based vulnerability management/configuration compliance assessments and security concepts and prioritization methodologies

Able to communicate risk and urgency to executives, program, and technical staff

Demonstrable proficiency with vulnerability scanning and configuration compliance platforms such as Tenable, Qualys, Rapid7, Wiz, Prisma, or similar

Familiarity with how to assess and implement external configuration compliance standards such as CIS Benchmarks and DISA STIGs

Understanding of security features in Container and Container Orchestration technologies (Docker, Kubernetes, etc)

Strong analytical and problem-solving skills, with an ability to balance security needs with business impact while addressing systemic security issues through root cause analysis, building security solutions, and project leadership

Knowledge of common security threats, such as attack-techniques, evasive techniques, and preventative & defensive methods

Deep knowledge of cloud operational models and secure SaaS architecture in a world of containerized microservices

Familiarity of compliance requirements for certifications like PCI DSS, SOC2, HIPAA, FedRAMP

Preferred

Functional in using Splunk Search Processing Language (SPL)

Excellent working experience in applying FISMA, and FedRAMP processes and policies to information systems

Experience with scripting and automation (e.g., Python, SOAR) to automate scanning tasks, reporting, and API integrations

Industry certifications such as CISSP, CCSP, CompTIA CySA+, Cloud Vendor security credentials

Benefits

Medical, dental and vision insurance

401(k) plan with a Cisco matching contribution

Paid parental leave

Short and long-term disability coverage

Basic life insurance

10 paid holidays per full calendar year

1 floating holiday for non-exempt employees

1 paid day off for employee’s birthday

Paid year-end holiday shutdown

4 paid days off for personal wellness determined by Cisco

16 days of paid vacation time per full calendar year

Flexible vacation time off program

80 hours of sick time off provided on hire date

Up to 80 hours of unused sick time carried forward from one calendar year to the next

Additional paid time away may be requested to deal with critical or emergency issues for family members

Optional 10 paid days per full calendar year to volunteer

Annual bonuses subject to Cisco’s policies

Company

Cisco

Glassdoor4.3

Cisco develops, manufactures, and sells networking hardware, telecommunications equipment, and other technology services and products. It is a sub-organization of Cisco Press.

Founded in 1984

San Jose, California, USA

10001+ employees

http://www.cisco.com

H1B Sponsorship

Cisco has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (1238)

2024 (1231)

2023 (1273)

2022 (2127)

2021 (1991)

2020 (1173)

Funding

Current Stage

Public Company

Total Funding

unknown

1990-02-13IPO

Leadership Team

Chuck Robbins

Chair and CEO

Carl Solder

Chief Technology Officer - Cisco System Australia/New Zealand

Recent News

Indian Express

China This Week | Chinese export controls on Japan, and military drills with Iran, Russia and South Africa

2026-01-12

SecneNow

Egypt Scales Digital Training With National Telecom Institute

2026-01-12

TradingView

US Supreme Court to hear suit claiming Cisco helped China pursue Falun Gong

2026-01-11

Company data provided by crunchbase