Security Vulnerability Management Engineer




  • Remote, United States
  • Remote, District of Columbia, United States
  • Chicago, Illinois, United States
  • Boston, Massachusetts, United States
  • Remote, New York, United States
  • Austin, Texas, United States
  • Seattle, Washington, United States
  • Full time

Work Styles at Zoom

In most cases, you will have the opportunity to choose your preferred working location from the following options when you join Zoom: in-person, hybrid or remote. Visit this page for more information about Zoom's Workstyles.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best video product for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinar.

We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

We are seeking a Security Vulnerability Management Engineer to join the Threat and Vulnerability Management team for Zoom for Government. This role will be instrumental in leveraging the large data sets that we have to drive higher levels of security posture and configuration consistency for the Zoom infrastructure, and to mature the operational rigor of our processes.  

The successful candidate will be part of the growing Vulnerability Management program and will work with IT and operations teams across the Zoom global organization, as well as Security Operations teams, to expand our collaboration and enhance the data pipelines for deeper insights to drive remediation plans.


●  Validate discovered vulnerabilities and drive their remediation

●  Meet regularly with other technical teams to follow up on patching cadence:

  • Triage and formulate remediation plans and/or compensating controls together with appropriate timelines following vulnerability scans using input from system owners 

  • Autonomously analyze and implement optimal settings and configurations to perform vulnerability scans of networks, operating systems, applications, containers, cloud resources, and other information systems

●  Maintain and monitor all vulnerability tools and scan schedules

●  Integrate vulnerability management tools with security information and event management (SIEM) solutions

●  Implement automated monitoring and alerting on scanning tools and processes

●  Develop tools, documentation, processes, and techniques to assist in remediation of security vulnerabilities  

●  Conduct vulnerability scans of Zoom’s systems, networks, endpoints and applications

● Effectively recognize threats by performing relevant research and data analysis 

● Respond to security incidents and intervene as necessary to protect company assets

● Ability to work extended or non-traditional hours on occasion to support emergency situations 



●  B.S. or M.S. in Computer Science or Information Security

●  Knowledge or experience in working with and/or managing vulnerability scanners such as Qualys, Tenable, Prisma, Burp Suite, etc.  

●  Experience in implementing a DevOps/Site-Reliability rigor on Vulnerability Management processes. 

  • Experience in security compliance frameworks such as FedRAMP, NIST/DoD RMF, and NIST SP 800-series publications

●  Experience in working with databases, security and log monitoring frameworks to extract actionable data and insights

●  Experience in working with testing tools such as Nessus, DISA STIGs / STIG Viewer etc.

●  Knowledge of desktop, server, mobile operating systems and cloud computing providers 

●  Ability to plan, organize, prioritize, work independently and meet deadlines  

●  This is a remote position in the U.S.; must be a U.S. citizen


Bonus Points:  

  • Deep understanding of OWASP Top 10, and specifically A06:2021 Vulnerable and Outdated Components

  • Having a Prisma Certified Cloud Security Engineer certification or equivalent

  • Knowledge or experience with container management tools such as Docker, Amazon ECS, Kubernetes or equivalent implementations  

  • Knowledge of multiple cloud computing providers such as AWS, OCI, etc.

  • Experience with a scripting language (Perl, Python, or other)  

  • Experience with a database and/or querying language  

  • Understanding of cryptography and its implementation (key management, etc)

We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law. If you need any assistance or accommodations due to a medical condition, or if you need assistance accessing our website or completing the application process, please let us know by emailing us at

Zoom requires all U.S. employees who will work in person at a Zoom office, attend in-person Zoom meetings or have in-person customer meetings to be fully vaccinated.  Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.

At Zoom, we care about our employees, their families, and their well-being. As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. To view our benefits, click here.



Fraudulent Employment Offers

Zoom is aware of scams that involve fake Zoom job listings posted on third-party sites. Responding applicants are contacted primarily over email, InMail and/or chat applications by people impersonating Zoom employees. Eventually a fake offer letter is sent in exchange for personal identification information as part of a fake new-hire screening process.

Please be advised that these offers, communications and impersonations are illegitimate and fraudulent. All communications with Zoom employees come from an “” email address. Zoom job applicants complete an interview process including in-person (on Zoom) meetings and phone calls. Our process also requires you to create an account with our applicant tracking system, Workday. If you have already completed an application, you can access it here.

Zoom will never ask for your personally identifying information during the interview process or ask you to pay money or purchase equipment. If you have received a message from Zoom that appears suspicious, please contact 
