Senior Vulnerability Management Engineer

Posted:
7/8/2026, 1:02:18 AM

Location(s):
Zionsville, Indiana, United States ⋅ Indiana, United States

Experience Level(s):
Senior

Field(s):
DevOps & Infrastructure ⋅ Software Engineering

Workplace Type:
Remote

Pay:
$190k/yr

Group 1001 is a consumer-centric, technology-driven family of insurance companies on a mission to deliver outstanding value and operational performance by combining financial strength and stability with deep insurance expertise and a can-do culture. Group1001’s culture emphasizes the importance of collaboration, communication, core business focus, risk management, and striving for outcomes. This goal extends to how we hire and onboard our most valuable assets – our employees.

Why This Role Matters:

As a Senior Vulnerability Management Engineer at Group 1001, you are equal parts security practitioner and infrastructure engineer. You will combine your deep vulnerability expertise with systems engineering prowess to identify, prioritize, and drive remediation of risks across cloud, on-prem, applications, and OT/embedded systems.

You will be responsible for shaping the Vulnerability Management function into a system optimized with significant automation. Your goal is to discover, contextualize, and mitigate the increasingly rapid volume, velocity, and nature of vulnerability exploitation in a post-AI world. This role exists to deliver this goal by using systems for discovery, assessment, contextual prioritization, and assignment to the responsible technology owners. Where human effort is required, your expertise helps navigate the edge cases, framework tuning, and hardening the pipeline.


 

How You'll Contribute:

  • Own the end-to-end vulnerability management pipeline: asset discovery > scanning > enrichment > prioritization > assignment > verification > closure.
  • Build, codify, and iterate a data-driven prioritization framework (blending CVSS, EPSS, KEV, exploit availability, asset criticality, exposure/reachability, compensating controls, and business context).
  • Automate the full workflow via SOAR playbooks, webhooks, REST/GraphQL APIs, message queues, and custom scripts where needed.
  • Develop and improve KPIs, metrics, and trending for vulnerability management functions, and bring leadership attention to root-cause issues driving systemic vulnerability risk.
  • Integrate scanners, CMDB/asset inventory, EDR, cloud providers (AWS/Azure/GCP), and others into a single pipeline for management.
  • Continuously reduce noise: dedupe, suppress known-benign, correlate related findings, and auto-close on evidence of remediation.
  • Evaluate and integrate AI/LLM tooling for triage, false-positive suppression, remediation guidance, and vulnerability research — with appropriate guardrails.
  • Lead technical response for emergency patch cycles on various technical platforms.

What We're Looking For:

  • Bachelor's degree in Computer Science, Information Security, or related academic field or equivalent experience.
  • 5-7 years of professional experience in information security, with focus on the financial sector.
  • Hands-on experience deploying, configuring, and managing vulnerability scanning solutions at enterprise scale, including policy design, tuning for noise reduction, and managing performance impact (e.g. Tenable, Microsoft Defender, Wiz, Tanium.)
  • Hands-on experience engineering, integrating, and optimizing for automation of security platforms (e.g. Swimlane, Elastic).
  • Strong knowledge of public cloud platforms (e.g., AWS, Azure, GCP) from an infrastructure and development aspect and their related security features.
  • Familiarity with DevSecOps practices and CI/CD pipelines.
  • Understanding of industry security frameworks, standards, and best practices (e.g., NIST, ISO, CIS).
  • Proficiency in one or more software programming languages (e.g. Python, Golang, JavaScript), particularly for automation of security platform operations, health monitoring, and integration tasks.
  • Strong communication and collaboration skills, with the ability to work closely with engineering, operations and infrastructure teams.
  • Familiarity with compliance standards and regulations.
  • Creativity and critical thinking with the ability to work both independently and collaboratively in a fast-paced environment.
  • Be able to serve as a mentor or subject matter expert to other members within the organization, particularly in the areas of vulnerability management and systems engineering.

Compensation:  

 

Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay for this position ranges from $190,000/year in our lowest geographic market up to $230,000/year plus bonus in our highest geographic market.  Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.

Benefits Highlights:  

Employees who meet benefit eligibility guidelines and work 30 hours or more weekly, have the ability to enroll in Group 1001’s benefits package. Employees (and their families) are eligible to participate in the Company’s comprehensive health, dental, and vision insurance plan options.  Employees are also eligible for Basic and Supplemental Life Insurance, Short and Long-Term Disability. All employees (regardless of hours worked) have immediate access to the Company’s Employee Assistance Program and wellness programs—no enrollment is required.  Employees may also participate in the Company’s 401K plan, with matching contributions by the Company.

 

Group 1001, and its affiliated companies, is strongly committed to providing a supportive work environment where employee differences are valued. Diversity is an essential ingredient in making Group 1001 a welcoming place to work and is fundamental in building a high-performance team. Diversity embodies all the differences that make us unique individuals.  All employees share the responsibility for maintaining a workplace culture of dignity, respect, understanding and appreciation of individual and group differences.

#LI-AS1 #LI-REMOTE

Group1001 Group

Website: https://group1001.com/

Headquarter Location: Zionsville, Indiana, United States

Employee Count: 1001-5000

Year Founded: 2013

IPO Status: Private

Last Funding Type: None

Industries: Finance ⋅ Financial Services ⋅ Insurance

Visa Sponsorship: Sponsors work visas