Search...

Security Controls Engineer - Vulnerability Management

MoneyLion logo
MoneyLion

Stealth

Distributed
View jobs by MoneyLion

Skills

About the Role

You will translate legal and security framework requirements into clear actionable vulnerability management and remediation programs that operate across multiple Security and DevOps teams. You'll help design, operationalize, and continually improve the vulnerability management lifecycle, from identification and triage through prioritization and remediation to validation and reporting. This includes secure development practices within regulatory frameworks guiding vulnerability handling, coordinated disclosure, SBOM transparency, patch management, and post-deployment monitoring. You will track, report, and escalate progress, risks, and dependencies, partnering closely with a Senior Project Manager and reporting to senior leadership.

Requirements

  • 3–5 years of practical exposure or experience in vulnerability management, security engineering, or security program delivery in a cloud/software environment
  • Demonstrated ability to work independently and drive outcomes across multiple teams
  • Working understanding of regulatory security requirements and experience implementing frameworks/regulations such as ISO 27001, NIS2, SOC 2, GDPR, PCI DSS
  • Strong translation skills to turn policy and control language into developer-ready user stories, acceptance criteria, remediation tasks, and runbooks
  • Hands-on experience using work tracking tools such as Jira or Azure DevOps and crafting status reports/dashboards for leadership
  • Strong communication skills including analyzing vulnerability trends such as ageing, patch latency, and systemic root causes
  • Understanding of modern SDLC/DevOps practices including CI/CD, IaC, pipelines, and change management
  • Experience in cloud environments such as AWS, Azure, or GCP including shared responsibility and guardrail patterns

Responsibilities

  • Translate legal and security framework requirements into actionable vulnerability management and remediation programs
  • Design, operationalize, and continually improve the vulnerability management lifecycle
  • Manage identification, triage, prioritization, remediation, validation and reporting of vulnerabilities
  • Apply secure development practices within regulatory frameworks guiding vulnerability handling, coordinated disclosure, SBOM transparency, patch management, and post-deployment monitoring
  • Track, report, and escalate progress, risks, and dependencies
  • Partner with a Senior Project Manager and report to senior leadership

Benefits

  • Flexible working options
  • Generous time off
  • Competitive benefits
Security Controls Engineer - Vulnerability Management at MoneyLion | JobStash