TITLE: Vulnerability Management Engineer
POSITION TYPE: Full Time (W2)
LOCATION: Remote
ABOUT
WorldLink:
WorldLink
is a rapidly growing information technology company at
the forefront of the tech transformation. From custom
software development to cloud hosting, from big data
to cognitive computing, we help companies harness
and leverage today’s most cutting-edge digital
technologies to create value and grow.
Collaborative. Respectful. Work hard Play hard. A place to
dream and do. These are just a few words that describe
what life is like at WorldLink. We embrace a culture of
experimentation and constantly strive for improvement and
learning.
We take
pride in our employees and their future with continued
growth and career advancement. We put TEAM first. We are a
competitive group that like to win. We're grounded by
humility and driven by ambition. We're passionate, and
we love tough problems and new challenges. You don't
hear a lot of "I don't know how" or "I
can't" at WorldLink. If you are passionate about
what you do and having fun while doing it; tired of rigid
and strict work environments and would like to work in a
non-bureaucratic startup cultural environment, WorldLink may
be the place for you.
WHO
we’re looking for:
We are
looking for a Vulnerability Management Engineerr to build and maintains the technical foundation for
vulnerability reporting and automated ticketing in a FedRAMP authorized SaaS
environment. The engineer will integrate Prisma Cloud and Tenable, create
dashboards, and automate ticket workflows so security, engineering, and
compliance teams have real-time visibility into findings and remediation
progress while meeting FedRAMP Continuous Monitoring expectations. Python is
the primary language for all data extraction, transformation, and workflow
automation.
Role
and Responsibilities:
• Design Python data pipelines that pull results
from Prisma Cloud and Tenable, normalize the data, and load it into a warehouse
or lake for analytics.
• Develop Python automation that creates,
updates, and closes Jira tickets in line with service-level agreements and
escalation rules.
• Build and maintain dashboards in Grafana,
Looker, or a similar platform to show open findings by severity, aging, and
ownership for Continuous Monitoring.
• Integrate Slack or email alerts so engineers
receive notifications when new critical issues surface or tickets approach
breach.
• Create reusable Python libraries and API
clients for Prisma Cloud, Tenable, and Jira to standardize data extraction and
ticket actions.
• Work with DevOps to ensure Prisma Cloud and
Tenable agents run consistently across container and compute environments such
as EKS, ECS, and Kubernetes.
• Document runbooks, configuration guides, and
data dictionaries to support audits and daily operations.
• Optimize queries and storage models to handle
large vulnerability datasets while controlling cost.
• Map dashboard fields to required FedRAMP
artifacts such as the POA&M and the System Security Plan.
• Evaluate new Prisma Cloud and Tenable features
and recommend enhancements that improve coverage or reduce manual effort.
Required Experience and Education:
• Minimum three years building data integrations
or automation in a security or DevOps context.
• Demonstrated success automating Jira workflows
for vulnerability or incident management.
• Proven track record creating dashboards that
communicate security status to technical and executive audiences.
Necessary Skills and Attributes:
-
Self-motivated
individual with the ability to thrive in a team-based or
independent environment.
- Detail-oriented with strong
organization skills.
- Ability to work in a
fast-paced environment.
- Limited supervision
and the exercise of discretion.
Physical Demands:
The
physical demands described here are representative of
those that must be met by contract employee to
successfully perform the essential functions of this
job. Reasonable accommodations may be made to enable
individuals with disabilities to perform the essential
functions.
While
performing the duties of this job, the contract employee is
occasionally required to stand, clean, crawl, kneel, sit,
sort, hold, squat, stoop, stand, twist the body, walk, use
hands to finger, handle, or feel objects, tools or
controls, reach with hands and arms, climb stairs or ladders
and scaffolding, talk or hear, and lift up to 20 pounds.
Specific vision abilities required by the job include
ability to distinguish the nature of objects by using the
eye. Operate a computer keyboard and view a video display
terminal between 50% - 95% of work time, including prolonged
periods of time. Requires considerable (90%+) work utilizing
high visual acuity/detail, numeric/character distinction, and
moderate hand/finger dexterity.
Performs
work under time schedules and stress which are normally
periodic or cyclical, including time sensitive deadlines,
intellectual challenge, some language barriers, and project
management deadlines. May require working additional time
beyond normal schedule and periodic travel.
WHAT
we’ll bring:
During
your interview process, our team can fill you in on all the
details of our industry-competitive benefits and career
development opportunities. A few highlights
include:
-
Medical
Plans
- Dental
Plans
- Vision Plan
- Life &
Accidental Death & Dismemberment
- Short-Term
Disability
- Long-Term Disability
- Critical Illness/ Accident/ Hospital Indemnity/ Identity
Theft Protection
- 401(k)
WHAT
you should know:
Our
success begins and ends with our people. We embrace
diverse perspectives and value unique human
experiences. WorldLink is an Equal Employment
Opportunity and Affirmative Action employer. All employment
at WorldLink is decided on the basis of
qualifications, merit, and business need. We endeavor
to continue our footprint as a diverse organization by
highlighting opportunities for all people. WorldLink
considers applicants for all positions without regard to
race, color, religion or belief, sex, (including pregnancy and
gender identity), age, national origin, political affiliation,
citizenship status, marital status, military/veteran status,
genetic information, sexual orientation, gender identity,
physical or mental disability or any other characteristic
protected by applicable laws. People with disabilities who need
assistance with any part of the application process should
contact us.
This
job description is designed to cover the main responsibilities
and duties of the role but is not designed to be a
comprehensive list of all.
