Principal Engineer - Vulnerability & Patch Management

9 Hours ago • 8 Years + • Software Development & Engineering

Job Summary

Job Description

As a Principal Engineer in Vulnerability & Patch Management at Optiv, you will be responsible for implementing, optimizing, and operationalizing enterprise-wide vulnerability and patch management programs. This includes enhancing threat detection, risk prioritization, and remediation strategies through collaboration with cross-functional teams. You will act as a subject matter expert, leading scanning, analysis, and remediation workflows. The role involves driving risk-based vulnerability prioritization, administering tools like Qualys, Tenable, Rapid7, and Tanium, and developing dashboards for reporting KPIs and risk trends. You will also provide guidance on threat modeling and act as an escalation point for zero-day vulnerabilities.
Must have:
  • 8+ years in vulnerability management
  • Hands-on administration of Qualys, Tenable, Rapid7, etc.
  • Strong understanding of vulnerability lifecycle
  • Experience with cloud-native scanning
  • Proficiency in log analysis and networking
  • Ability to automate workflows
  • Excellent communication skills
  • Experience building dashboards
Good to have:
  • Experience with external asset discovery
  • Familiarity with NIST, CIS, MITRE ATT&CK
  • CISSP, CISM, CISA certifications
  • Vendor-specific certifications
Perks:
  • Work/life balance
  • Professional training resources
  • Creative problem-solving opportunities
  • Volunteer opportunities

Job Details

As a Principal Engineer in Vulnerability & Patch Management at Optiv, you will play a critical role in implementing, optimizing, and operationalizing enterprise-wide vulnerability and patch management programs across internal and client environments. You will lead initiatives to enhance threat detection, risk prioritization, and remediation strategies, while collaborating with cross-functional teams to deliver high-impact security services. This role requires deep technical expertise, strategic thinking, and a passion for improving security posture through automation, analytics, and continuous improvement.

How You'll Make an Impact

  • Serve as a subject matter expert in vulnerability management, leading the design and execution of scanning, analysis, and remediation workflows across hybrid environments.

  • Collaborate with senior engineers, architects, and client stakeholders to deliver tailored vulnerability management solutions aligned with business and compliance requirements.

  • Drive risk-based vulnerability prioritization, leveraging threat intelligence, asset criticality, and exploitability data.

  • Lead enterprise-wide scanning initiatives, including authenticated scans across Windows, Linux, network devices, containers, and cloud platforms (AWS, Azure, GCP).

  • Administer and optimize tools such as Qualys, Tenable, Rapid7, Prisma Cloud, Wiz and Tanium to support continuous monitoring and patch management.

  • Utilize Tanium or other patch management tools to deploy patches, automate updates, and enforce configuration baselines across diverse endpoints.

  • Develop and maintain dashboards and reporting using tools like Power BI to track KPIs, remediation progress, and risk trends.

  • Define and implement vulnerability management KPIs, SLAs, and strategic goals in collaboration with leadership and clients.

  • Produce detailed documentation of assessments, threat analysis, and remediation plans.

  • Validate and track remediation efforts, ensuring closure of vulnerabilities and alignment with security policies.

  • Provide expert guidance on threat modeling, external attack surface management, and exposure analysis.

  • Act as a primary escalation point for zero-day vulnerabilities and patch-related incidents, coordinating with IT and engineering teams to resolve issues efficiently.

What We're Looking For

  • 8+ years of experience in vulnerability management, including hands-on administration of platforms like Qualys, Tenable, Rapid7, Prisma Cloud, Contrast, and Tanium.

  • Strong understanding of the vulnerability management lifecycle, including discovery, validation, prioritization, and remediation.

  • Experience with cloud-native scanning and container security in AWS, Azure, and GCP environments.

  • Proficiency in log analysis, TCP/IP networking, and endpoint telemetry to support threat investigations.

  • Demonstrated ability to automate workflows and integrate vulnerability data into enterprise data lakes and CMDBs.

  • Experience with external asset discovery, continuous monitoring, and attack surface management (ASM) tools.

  • Strong analytical and problem-solving skills, with the ability to translate technical findings into business risk.

  • Excellent communication skills and the ability to collaborate across technical and non-technical teams.

  • Experience building and maintaining dashboards and metrics in Power BI or similar tools.

  • Familiarity with security frameworks such as NIST, CIS, and MITRE ATT&CK is a plus.

  • This role requires availability during US working hours, specifically from 5:00 PM to 2:00 AM IST.

  • This role is a work-from-office position.

Preferred Certifications

  • CISSP, CISM, CISA, or equivalent

  • Vendor-specific certifications (e.g., Qualys, Tanium, Tenable, Wiz, CSPM, etc.)

What you can expect from Optiv

  • A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
  • Work/life balance
  • Professional training resources
  • Creative problem-solving and the ability to tackle unique, complex projects
  • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
  • The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, see our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.


About The Company

We work alongside clients to manage cyber risk and equip them with perspectives and programs to accelerate business progress. Our real-world experience, deep vertical expertise and diverse teams enable us to face any challenge with confidence. We put you at the center of our unmatched ecosystem of people, products, partners and programs to design and implement agile solutions. Our adaptive approach continually assesses risk in the context of cyber and broader objectives to secure today's business and fortify it for the future.
