Skip To Main Content
epam-logo-black.svgepam-logo-black.svg
backBack to Search

Lead Vulnerability Engineer

Remote in Brazil,
& 2 others
Security.Engineering
& 4 others
Brazil

We are seeking a highly skilled and proactive Lead Vulnerability Management Engineer to join our Security Operations team.

In this role, you will be responsible for developing, operating, and executing a robust Vulnerability Management program to ensure continuous identification and remediation of vulnerabilities across our technology ecosystem. This position requires strong technical expertise, leadership capabilities, and a collaborative mindset to drive security initiatives and safeguard organizational assets.

Responsibilities
  • Lead and manage vulnerability identification, assessment, prioritization, and remediation efforts
  • Utilize tools such as Prisma, Rapid7, and Defender on a daily basis to monitor and address vulnerabilities
  • Operate and manage vulnerability scanning tools, platforms, and cloud-native capabilities
  • Collaborate with IT, network operations, application development, and compliance teams to address vulnerabilities promptly
  • Provide expert guidance for implementing security patches, configurations, and mitigation strategies
  • Conduct regular vulnerability assessments and recommend actionable remediation steps
  • Analyze security advisories, threat intelligence, and vulnerability feeds to stay updated on emerging threats
  • Maintain and update vulnerability management policies, procedures, and documentation in line with industry best practices
  • Present reports on vulnerability metrics, trends, and remediation progress to senior management
  • Lead incident response efforts in cases of detected vulnerabilities or potential exploits
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Technology, or a related field
  • 5+ years of hands-on experience in Security Engineering, with a focus on vulnerability management
  • At least one year of experience in a leadership role, overseeing teams or projects
  • Proficiency with vulnerability scanning tools such as Prisma, Rapid7, Defender, Contrast, AWS Inspector, or Wiz, including configuration, operation, and interpretation of results
  • Strong understanding of vulnerability management frameworks, tools, and best practices, including CVSS scoring, patch management, and risk assessment methodologies
  • Excellent analytical and problem-solving abilities, with the capability to prioritize and manage multiple tasks effectively in a fast-paced environment
  • Effective communication and interpersonal skills, with the ability to collaborate with both technical and non-technical stakeholders and present complex security findings clearly
  • Fluent English skills (written and spoken) at a B2 level or higher for effective communication and reporting
Nice to have
  • Industry-recognized cybersecurity certifications such as CISSP, CISM, CEH, or GIAC to demonstrate advanced knowledge in security practices
  • Familiarity with cloud security frameworks and modern DevSecOps practices to enhance vulnerability management in cloud-native environments
Benefits
  • International projects with top brands
  • Work with global teams of highly skilled, diverse peers
  • Healthcare benefits
  • Employee financial programs
  • Paid time off and sick leave
  • Upskilling, reskilling and certification courses
  • Unlimited access to the LinkedIn Learning library and 22,000+ courses
  • Global career opportunities
  • Volunteer and community involvement opportunities
  • EPAM Employee Groups
  • Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn