Job Description

Job Summary We are seeking an experienced and results-driven Endpoint Vulnerability Manager to lead our efforts in identifying, managing, and mitigating endpoint vulnerabilities across our enterprise environment. This role requires hands-on expertise in managing enterprise tools like SCCM (System Center Configuration Manager) and Tenable for vulnerability scanning and remediation. The successful candidate will play a pivotal role in safeguarding the organization's endpoint security while ensuring compliance with industry standards and regulatory requirements. Key Responsibilities Vulnerability Management Manage the end-to-end process of endpoint vulnerability detection, prioritization, and remediation. Utilize Tenable to conduct comprehensive scans of endpoint devices, including desktops, laptops, and mobile devices, identifying security gaps and vulnerabilities. Implement patching and configuration updates processes using SCCM and other deployment options to reduce vulnerabilities across the environment. Monitor and report on vulnerability remediation progress and effectiveness. Endpoint Security Strategy Develop and maintain endpoint security strategies that align with organizational risk tolerance and industry best practices. Ensure compliance with security baselines and frameworks, such as CIS Benchmarks and NIST standards. Identify and mitigate risks arising from unpatched systems, misconfigurations, or outdated software. Tool Management and Optimization Partner with the Software Delivery Engineering Manager to ensure configuration and maintenance of SCCM platform is optimal for patch deployment, software updates, and operating system management. In partnership with Security & Compliance and Software Delivery Engineering teams, manage Tenable client compliance in order to optimize Tenable for scanning, reporting, and integration with other security tools. Automate routine tasks and processes to enhance the efficiency of endpoint vulnerability management efforts. Collaboration and Communication Partner with client management, service delivery and infrastructure teams to ensure vulnerabilities are addressed in a timely manner. Provide detailed reporting and dashboards on endpoint vulnerabilities to technical teams and management. Communicate technical concepts to non-technical stakeholders, ensuring clear understanding of risks and remediation plans. Provide and maintain training material and upskill junior engineering staff through remote training in best practice processes and procedures to optimize vulnerability remediation. Compliance and Governance Work with Security and Compliance teams to ensure endpoint vulnerability management practices comply with relevant regulatory standards such as HIPAA, PCI-DSS, or GDPR. Participate in audits and provide required documentation on endpoint vulnerability management activities. Regularly assess endpoint security posture and recommend improvements based on evolving threats. Required Qualifications Education & Experience Bachelors degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in vulnerability management or endpoint security roles, preferably in a large enterprise environment Proven ability to sift through and rationalize large datasets with Technical Skills Strong knowledge of Windows and MacOS operating systems Advanced proficiency and practical application of SCCM and Intune for software deployment, patch management, and OS lifecycle Proficiency with Tenable or similar vulnerability scanning tools (e.g., Qualys, Rapid7) Experience with PowerShell for automating common tasks Understanding of network security concepts and principles. Soft Skills Strong analytical and problem-solving abilities. Excellent communication skills, both written and verbal. Proven ability to manage multiple projects and prioritize tasks effectively. Team-oriented with the ability to work collaboratively across departments. Preferred Qualifications Relevant certifications such as CISSP, CISM, GSEC, or Microsoft Certified: Modern Desktop Administrator. Experience with mobile device management (MDM) platforms Knowledge of ITIL processes and frameworks.