Senior Vulnerability Engineer

Who We AreJoin a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for nine consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.

What We DoThe Senior Vulnerability Scanning Engineer will be responsible for managing and optimizing the organization’s vulnerability scanning processes, tools, and methodologies. This role requires a deep understanding of vulnerability management, configuration compliance, security frameworks, and the ability to collaborate effectively with cross-functional teams to enhance the organization's security posture.

What You'll Do

• Assist in the design, implementation, and management of the vulnerability scanning program, including planning, executing, and reporting on a weekly basis.
• Conduct comprehensive scans of the entire IT infrastructure to identify vulnerabilities and configuration compliance.
• Collaborate with partners within the enterprise to ensure vulnerability scanning effectiveness.
• Maintain and enhance vulnerability scanning tools, ensuring they are effectively integrated into existing security workflows.
• Develop and maintain vulnerability management metrics and reporting to communicate security posture to stakeholders.
• Conduct research on emerging vulnerabilities, threats, and trends in the cybersecurity landscape to inform scanning strategies.
• Provide guidance and mentorship to junior security team members and other stakeholders on vulnerability scanning best practices.
• Ensure compliance with relevant regulations, standards, and industry best practices related to vulnerability management.
• Participate in incident response activities as needed.

 

What You'll Bring

• Bachelor’s degree in computer science, Information Security, or a related field.
• 5+ years of experience in vulnerability management or IT security, with a focus on vulnerability scanning and assessment.
• 5+ years of experience with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7, etc.) and experience configuring them for optimal performance.
• Strong understanding of network security principles, application security, and system architecture.
• Familiarity with security frameworks and regulations (e.g., NIST).
• Excellent analytical and problem-solving skills, with a keen attention to detail.
• Strong communication skills, with the ability to present complex information clearly to a variety of audiences.

Salary Range: $86,675.00 - $144,450.00

This hiring range is a reasonable estimate of the base pay range for this position at the time of posting.  Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location

What We OfferBy choice, we don’t simply accept individuality – we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it’s the right thing to do, but also because it’s the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.

** Note that the following statements only apply to candidates who will be working from an unincorporated area within Los Angeles County. **

First American will consider for employment all qualified applicants, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws (e.g., the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act).

First American intends to conduct a review of an applicant’s criminal history in connection with a conditional offer. First American reasonably believes that a criminal history may have a direct, adverse and negative relationship with the following material job duties for this position potentially resulting in the withdrawal of the conditional offer of employment: handling of confidential, proprietary or trade secret information belonging to First American or its customers, administrating or facilitating financial transactions, and the ability to meet customer-imposed criminal history requirements.

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.