[Remote] Security Engineer II - Cloud & Vulnerability Management

Note: The job is a remote job and is open to candidates in USA. Nasuni is a company focused on information security, and they are seeking a Security Engineer II - Cloud & Vulnerability Management. This role is responsible for managing and operating tools and workflows to protect their hybrid and multi-cloud infrastructure, with an emphasis on vulnerability management and asset visibility.

Responsibilities

• Own day-to-day execution of Nasuni's vulnerability management processes and tooling across cloud infrastructure (Wiz), on-premises and network assets (Rapid7), while contributing to ongoing program improvements
• Support the maintenance of a current, accurate asset inventory across cloud workloads, physical infrastructure, network devices, and employee endpoints
• Manage the full vulnerability lifecycle, including identification, triage, prioritization, remediation coordination, and validation
• Partner with Engineering, SRE, and IT/Infrastructure teams to drive remediation activities
• Produce clear, actionable vulnerability reporting for Engineering and IT/Infrastructure stakeholders and security leadership
• Track remediation SLAs, identify patterns in recurring weaknesses, and recommend systemic improvements to reduce exposure
• Contribute to patch management coordination efforts and support secure configuration baseline reviews across key asset classes
• Maintain visibility and inventory accuracy across cloud, endpoint, network, and infrastructure assets in partnership with IT/Infrastructure teams
• Monitor cloud security posture via Wiz across AWS, Azure, and GCP environments — identifying misconfigurations, high-risk exposures, and policy violations
• Support secure configuration of cloud workloads, network controls, IAM, and infrastructure components in collaboration with engineering and SRE teams
• Identify and escalate configuration drift, excessive permissions, and security gaps in cloud infrastructure
• Provide security input on infrastructure changes and support security reviews as needed
• Support security incidents where infrastructure, asset, or vulnerability context is needed
• Independently manage and investigate moderate-severity security incidents within your domain; conduct root cause analysis and contribute to post-incident reviews
• Maintain and improve documentation and runbooks for asset, vulnerability, and endpoint-related incident response procedures
• Support additional incident response efforts as needed
• Support internal and external evidence collection and control documentation for within your areas of ownership
• Maintain accurate records of scanning activity, remediation outcomes, and asset coverage for audit readiness
• Contribute to security awareness initiatives and help communicate security expectations around patch and configuration hygiene to engineering teams
• Share knowledge and support team development through collaboration and peer guidance
• Identify operational gaps and recommend practical improvements to strengthen security posture and program effectiveness
• Leverage AI-assisted tools to improve security analysis, vulnerability triage, reporting, and operational workflows while validating outputs and maintaining accountability for decisions

Skills

• 3–6 years of experience in security engineering, cloud security, vulnerability management, or a closely related role
• Hands-on experience managing vulnerability scanning or asset management programs in a cloud or hybrid environment
• Experience coordinating remediation efforts across Engineering, Infrastructure and/or IT teams
• Experience prioritizing vulnerabilities using risk-based methodologies and business context
• Experience using AI-enabled tools to improve operational efficiency, analysis, investigation, or reporting while applying appropriate validation and security controls
• Experience with cloud security platforms, ideally including Wiz or a comparable CSPM tool; familiarity with AWS, Azure, or GCP security fundamentals
• Hands-on experience with vulnerability management tools such as Rapid7 InsightVM, Qualys, Tenable, or equivalent
• Working knowledge of network protocols, network security fundamentals, and infrastructure security concepts (TCP/IP, firewall logic, segmentation)
• Familiarity with secure configuration standards such as CIS Benchmarks and common vulnerability frameworks (CVSS, CVE)
• Strong written and verbal communication skills. Able to translate vulnerability findings into clear, prioritized guidance for cross-functional partners
• Ownership mindset: you follow through on commitments, track your own work, and raise blockers early
• Collaborative and reliable partner across engineering, IT/infrastructure, and security teams
• Bachelor's degree in Information Security, Computer Science, or a related field; or equivalent practical experience
• Certifications preferred: CompTIA Security+, AWS Security Specialty, CySA+, or equivalent

Benefits

• Best in class employee onboarding and training
• "Take What You Need” paid time off policy
• Comprehensive health, dental and vision plans
• Company-paid life and disability insurance
• 401(k) and Roth IRA retirement plan
• Generous employee referral bonuses
• Flexible remote work policy
• 10 Paid Holidays
• Wide array of wellbeing offerings
• Pre-tax savings accounts with company contributions
• Great team culture and social activities
• Collaborative workspaces
• Free on-site fitness centers and stocked kitchens in select office locations
• Professional development resources

Company Overview

Company H1B Sponsorship