Principal Security Engineer - Vulnerability Management

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Principal Security Engineer - Vulnerability Management in United States.

This role focuses on leading vulnerability management initiatives to protect critical systems and data across cloud and on-premises environments. The Principal Security Engineer will design, implement, and optimize security programs, tools, and automation workflows to proactively identify and remediate risks. You will work closely with platform, development, and security teams to enforce best practices, ensure compliance, and integrate security into CI/CD pipelines and cloud infrastructure. This position offers a high-impact opportunity to guide security strategy, mentor team members, and influence system design across complex enterprise environments. The ideal candidate combines deep technical expertise with strong communication skills, a security-first mindset, and hands-on experience in AWS, containers, and vulnerability remediation. Success in this role directly improves system resilience, mitigates threats, and strengthens organizational security posture.

Accountabilities

• Lead the vulnerability management program, including identification, prioritization, and remediation of security risks across infrastructure, cloud, and network environments.
• Collaborate with platform and development teams to implement secure design and operational best practices.
• Conduct vulnerability assessments, risk analysis, and develop automated workflows for detection and remediation.
• Oversee the integration of security tools and monitoring solutions, such as Jira, JupiterOne, Palo Alto Prisma, and AWS Security Hub.
• Maintain expertise in cloud security, IaC tools (Terraform, Pulumi, CloudFormation), container technologies, and CI/CD pipelines.
• Interpret CVSS and proprietary security scoring to escalate threats and coordinate mitigation with stakeholders.
• Mentor and support junior security team members, fostering knowledge sharing and growth.
• Document processes, incident responses, and security findings for internal and compliance purposes.
• Continuously evaluate emerging security technologies and practices to enhance program effectiveness.
  
  

Requirements

• 6+ years of professional experience in security engineering, vulnerability management, or related roles.
• Hands-on expertise in vulnerability remediation, lifecycle management, and automated security solutions.
• Strong understanding of cloud environments, especially AWS services (Route53, IAM, Security Groups, S3, CloudWatch, GuardDuty, Security Hub).
• Proficiency with containerization technologies and orchestration platforms.
• Experience with infrastructure-as-code (Terraform, Pulumi, CloudFormation) and CI/CD security integration.
• Solid knowledge of attack techniques, exploitability, supply chain risks, and APT tactics.
• Programming/scripting proficiency (Python) for automation of security workflows.
• Excellent written and verbal communication skills for collaboration and security documentation.
• Ability to work independently and within distributed teams, managing multiple priorities effectively.
  
  

Benefits

• Competitive salary range: $120,000–$200,000 USD.
• Equity opportunities and annual performance-based bonuses.

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Comprehensive medical, dental, and vision coverage.
• Retirement plans with employer match and tax-advantaged options.
• Paid time off, sick leave, and company-observed holidays.
• Professional development opportunities and mentoring programs.
• Fully remote work within the U.S., supporting flexible work-life balance.
• Access to cutting-edge security tools and a collaborative, high-impact team environment.
  
  

Why Apply Through Jobgether?

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.