Principal Engineer - Vulnerability & Patch Management

1 Month ago • 8 Years + • Software Development & Engineering

Job Summary

Job Description

As a Principal Engineer in Vulnerability & Patch Management at Optiv, you will be responsible for implementing, optimizing, and operationalizing enterprise-wide vulnerability and patch management programs. This includes enhancing threat detection, risk prioritization, and remediation strategies through collaboration with cross-functional teams. You will act as a subject matter expert, leading scanning, analysis, and remediation workflows. The role involves driving risk-based vulnerability prioritization, administering tools like Qualys, Tenable, Rapid7, and Tanium, and developing dashboards for reporting KPIs and risk trends. You will also provide guidance on threat modeling and act as an escalation point for zero-day vulnerabilities.
Must have:
  • 8+ years in vulnerability management
  • Hands-on administration of Qualys, Tenable, Rapid7, etc.
  • Strong understanding of vulnerability lifecycle
  • Experience with cloud-native scanning
  • Proficiency in log analysis and networking
  • Ability to automate workflows
  • Excellent communication skills
  • Experience building dashboards
Good to have:
  • Experience with external asset discovery
  • Familiarity with NIST, CIS, MITRE ATT&CK
  • CISSP, CISM, CISA certifications
  • Vendor-specific certifications
Perks:
  • Work/life balance
  • Professional training resources
  • Creative problem-solving opportunities
  • Volunteer opportunities

Job Details

As a Principal Engineer in Vulnerability & Patch Management at Optiv, you will play a critical role in implementing, optimizing and operationalize enterprise-wide vulnerability & patch management programs across internal and client environments. You will lead initiatives to enhance threat detection, risk prioritization, and remediation strategies, while collaborating with cross-functional teams to deliver high-impact security services. This role requires deep technical expertise, strategic thinking, and a passion for improving security posture through automation, analytics, and continuous improvement.

How You'll Make an Impact

  • Serve as a subject matter expert in vulnerability management, leading the design and execution of scanning, analysis, and remediation workflows across hybrid environments.

  • Collaborate with senior engineers, architects, and client stakeholders to deliver tailored vulnerability management solutions aligned with business and compliance requirements.

  • Drive risk-based vulnerability prioritization, leveraging threat intelligence, asset criticality, and exploitability data.

  • Lead enterprise-wide scanning initiatives, including authenticated scans across Windows, Linux, network devices, containers, and cloud platforms (AWS, Azure, GCP).

  • Administer and optimize tools such as Qualys, Tenable, Rapid7, Prisma Cloud, Wiz and Tanium to support continuous monitoring and patch management.

  • Utilize Tanium or other patch management tools to deploy patches, automate updates, and enforce configuration baselines across diverse endpoints.

  • Develop and maintain dashboards and reporting using tools like Power BI to track KPIs, remediation progress, and risk trends.

  • Define and implement vulnerability management KPIs, SLAs, and strategic goals in collaboration with leadership and clients.

  • Produce detailed documentation of assessments, threat analysis, and remediation plans.

  • Validate and track remediation efforts, ensuring closure of vulnerabilities and alignment with security policies.

  • Provide expert guidance on threat modeling, external attack surface management, and exposure analysis.

  • Act as a primary escalation point for zero-day vulnerabilities, patch-related incidents, coordinating with IT and engineering teams to resolve issues efficiently.

What We're Looking For

  • 8+ years of experience in vulnerability management, including hands-on administration of platforms like Qualys, Tenable, Rapid7, Prisma Cloud, Contrast, and Tanium.

  • Strong understanding of the vulnerability management lifecycle, including discovery, validation, prioritization, and remediation.

  • Experience with cloud-native scanning and container security in AWS, Azure, and GCP environments.

  • Proficiency in log analysis, TCP/IP networking, and endpoint telemetry to support threat investigations.

  • Demonstrated ability to automate workflows and integrate vulnerability data into enterprise data lakes and CMDBs.

  • Experience with external asset discovery, continuous monitoring, and attack surface management (ASM) tools.

  • Strong analytical and problem-solving skills, with the ability to translate technical findings into business risk.

  • Excellent communication skills and the ability to collaborate across technical and non-technical teams.

  • Experience building and maintaining dashboards and metrics in Power BI or similar tools.

  • Familiarity with security frameworks such as NIST, CIS, and MITRE ATT&CK is a plus.

  • This role demands the availability during US Working Hours specifically from 5:00 PM to 2:00 AM IST. 

  • This role is Work from Office position

Preferred Certifications

  • CISSP, CISM, CISA, or equivalent

  • Vendor-specific certifications (e.g., Qualys, Tanium, Tenable, Wiz, CSPM etc.)

What you can expect from Optiv

  • A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
  • Work/life balance
  • Professional training resources
  • Creative problem-solving and the ability to tackle unique, complex projects
  • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
  • The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities.  For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Similar Jobs

PwC - Internal Firm Services Specialist

PwC

Kolkata, West Bengal, India (On-Site)
3 Weeks ago
Oliver Plus - Copywriter

Oliver Plus

Colombia (Remote)
2 Weeks ago
Evoplay games - Product Manager (iGaming)

Evoplay games

(Remote)
1 Month ago
Granicus - Sales Operations Analyst

Granicus

Costa Rica (Remote)
1 Month ago
Capgemini - Change and Release Management

Capgemini

Mumbai, Maharashtra, India (On-Site)
2 Months ago
Alten Technology - Advanced Vehicle Dynamics Engineer

Alten Technology

Auburn Hills, Michigan, United States (On-Site)
2 Months ago
Omnissa - Member of technical staff (Appsecurity, Pentesting)

Omnissa

Bengaluru, Karnataka, India (Hybrid)
9 Months ago
Marvell - Principal Engineer, Digital IC Design

Marvell

Hsinchu County, Taiwan (On-Site)
2 Weeks ago
Valeo - Hardware Engineer

Valeo

Martos, Andalusia, Spain (On-Site)
2 Weeks ago
Zelis  - Senior Software Engineer

Zelis

Hyderabad, Telangana, India (Hybrid)
1 Year ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

SEGA - Senior Software Engineer (Graphics)

SEGA

London, England, United Kingdom (Hybrid)
5 Months ago
Crowd Strick - Analyst, Falcon Complete

Crowd Strick

Singapore (Remote)
3 Weeks ago
PwC - PaPM Role

PwC

Zürich, Zurich, Switzerland (On-Site)
10 Months ago
Coupa - Network Administrator

Coupa

Bogota, Colombia (Hybrid)
1 Month ago
Nice - Senior Services Engineer, Managed Services

Nice

Pune, Maharashtra, India (Hybrid)
1 Month ago
dbt Labs - Senior Software Engineer II

dbt Labs

Romania (Remote)
2 Weeks ago
Adyen - Head of Developer Advocacy

Adyen

Chicago, Illinois, United States (Hybrid)
2 Months ago
Tesla - Senior Project Engineer - BESS, EMEA

Tesla

Madrid, Community Of Madrid, Spain (On-Site)
5 Months ago
CD PROJEKT RED - Senior Gameplay Designer

CD PROJEKT RED

Warsaw, Masovian Voivodeship, Poland (On-Site)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Paytm - Sales Team Lead - QR & Soundbox

Paytm

Erode, Tamil Nadu, India (On-Site)
1 Month ago
beghou consulting - Marketing Ops/Growth Specialist

beghou consulting

Bengaluru, Karnataka, India (Hybrid)
5 Months ago
ShyftLabs - Network Engineer

ShyftLabs

Noida, Uttar Pradesh, India (Hybrid)
1 Year ago
Ajmera Infotech - Accountant (US Books of Accounts)

Ajmera Infotech

Ahmedabad, Gujarat, India (On-Site)
5 Months ago
GoMotive - IT Systems Engineer

GoMotive

India (Remote)
3 Weeks ago
InMobiInMobi - HR Site Manager

InMobiInMobi

Lucknow, Uttar Pradesh, India (On-Site)
1 Month ago
Zelis  - Marketing Analytics Specialist

Zelis

Hyderabad, Telangana, India (On-Site)
2 Months ago
Capgemini - Image Processing

Capgemini

Hyderabad, Telangana, India (On-Site)
2 Months ago
Qualcomm - CPU Performance & Power Analyst/Sr Lead Engineer

Qualcomm

Bengaluru, Karnataka, India (On-Site)
2 Months ago
Paytm - Social Media & Content Manager

Paytm

Bengaluru, Karnataka, India (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

Software Development & Engineering Jobs

Enphase Energy - Sr. Engineer - Oracle APEX Developer

Enphase Energy

Bengaluru, Karnataka, India (On-Site)
8 Months ago
Google - Technical Solutions Consultant, Android Auto Partner Engineering

Google

Kraków, Lesser Poland Voivodeship, Poland (On-Site)
3 Months ago
The Walt Disney Company - KABC Freelance Maintenance Engineer

The Walt Disney Company

Glendale, California, United States (On-Site)
9 Months ago
Perplexity - Anti-Fraud & Abuse Engineer

Perplexity

New York, New York, United States (On-Site)
1 Month ago
LMArena - Engineering Manager

LMArena

California, United States (Hybrid)
2 Months ago
nissan - SDV Architecture Development Engineer

nissan

Yokohama, Kanagawa, Japan (On-Site)
1 Year ago
Scale AI - Software Engineer, Identity

Scale AI

San Francisco, California, United States (On-Site)
1 Month ago
CAE - Senior Manager Engineering

CAE

Broken Arrow, Oklahoma, United States (On-Site)
2 Weeks ago
Google - Staff Software Engineer, YouTube

Google

Mountain View, California, United States (On-Site)
3 Months ago
Google - Software Engineering Manager (For Women in Tech Candidates)

Google

São Paulo, State Of São Paulo, Brazil (On-Site)
9 Months ago

Get notifed when new similar jobs are uploaded

About The Company

We work alongside clients to manage cyber risk and equip them with perspectives and programs to accelerate business progress. Our real-world experience, deep vertical expertise and diverse teams enable us to face any challenge with confidence. We put you at the center of our unmatched ecosystem of people, products, partners and programs to design and implement agile solutions. Our adaptive approach continually assesses risk in the context of cyber and broader objectives to secure today's business and fortify it for the future.

Overland Park, Kansas, United States (Remote)

Austin, Texas, United States (Remote)

San Francisco, California, United States (On-Site)

Los Angeles, California, United States (On-Site)

Bengaluru, Karnataka, India (Remote)

Tampa, Florida, United States (On-Site)

Baltimore, Maryland, United States (On-Site)

Cleveland, Ohio, United States (Remote)

Seattle, Washington, United States (On-Site)

View All Jobs

Get notified when new jobs are added by Optiv

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug