Vulnerability Management Cybersecurity Engineer

We are more than a health system. We are a belief system. We believe wellness and sickness are both part of a lifelong partnership, and that everyone could use an expert guide. We work hard, care deeply and reach further to help people uncover their own power to be healthy. We inspire hope. We learn, grow, and achieve more – in our careers and in our communities.

Job Description Summary:

We are seeking a proactive and detail-oriented Vulnerability Management Engineer to join our cybersecurity team. This role is responsible for identifying, assessing, and helping to remediate vulnerabilities across our enterprise environment. The ideal candidate will have hands-on experience with Tenable.io, a strong understanding of vulnerability remediation processes, and the ability to recommend and implement mitigating controls when direct remediation is not feasible.

Responsibilities And Duties:

Operate and maintain the Tenable.io platform to perform regular vulnerability scans across on-premises and cloud environments.
Analyze scan results, prioritize vulnerabilities based on risk, and coordinate remediation efforts with IT and application teams.
Develop and maintain dashboards and reports to communicate vulnerability status, trends, and risk posture to stakeholders.
Collaborate with system owners to implement timely remediation or compensating controls for identified vulnerabilities.
Track and validate remediation efforts to ensure vulnerabilities are resolved or appropriately mitigated.
Assist in the development and enforcement of vulnerability management policies, standards, and procedures.
Stay current with emerging threats, CVEs, and vendor patches to ensure timely response to critical vulnerabilities.
Support compliance initiatives by providing evidence of vulnerability management activities for audits and assessments.
Recommend and implement mitigating controls when patching is not immediately possible, including configuration changes, access restrictions, or network segmentation.

Minimum Qualifications:

Bachelor's Degree

Additional Job Description:

• 3+ years of experience in vulnerability management, cybersecurity operations, or a related field.
• Hands-on experience with Tenable.io or similar vulnerability scanning platforms (e.g., Qualys, Rapid7).
• Strong understanding of vulnerability lifecycle management and remediation workflows.
• Familiarity with CVSS scoring, threat intelligence, and risk-based prioritization.
• Experience working with IT teams to coordinate patching and configuration changes.
• Knowledge of operating systems (Windows, Linux), networking, and cloud platforms (AWS, Azure, GCP).
• Ability to interpret vulnerability data and translate it into actionable remediation plans.
• Excellent communication and documentation skills.

SPECIALIZED KNOWLEDGE

• Experience with vulnerability management in regulated environments (e.g., HIPAA, PCI-DSS, SOX).
• Familiarity with ticketing systems (e.g., ServiceNow, Jira) for tracking remediation tasks.
• Knowledge of scripting (e.g., Python, PowerShell) for automation of scanning and reporting.
• Exposure to security frameworks such as NIST CSF, CIS Controls, or ISO 27001.

DESIRED ATTRIBUTES

• Proactive and detail oriented.
• Strong analytical and problem-solving skills.
• Ability to work collaboratively with cross-functional teams.
• Excellent communication and documentation skills.

Work Shift:

Day

Scheduled Weekly Hours :

40

Department

IS Adminlstration

Join us!
... if your passion is to work in a caring environment
... if you believe that learning is a life-long process
... if you strive for excellence and want to be among the best in the healthcare industry

Equal Employment Opportunity

OhioHealth is an equal opportunity employer and fully supports and maintains compliance with all state, federal, and local regulations. OhioHealth does not discriminate against associates or applicants because of race, color, genetic information, religion, sex, sexual orientation, gender identity or expression, age, ancestry, national origin, veteran status, military status, pregnancy, disability, marital status, familial status, or other characteristics protected by law. Equal employment is extended to all person in all aspects of the associate-employer relationship including recruitment, hiring, training, promotion, transfer, compensation, discipline, reduction in staff, termination, assignment of benefits, and any other term or condition of employment