Security Engineer, Vulnerability & Attack Surface Management

Build the Future with AspenView Technology Partners At AspenView, we are passionate about transforming the way organizations approach technology. We specialize in creating high-performing, nearshore IT teams to help North American clients innovate faster and more efficiently. As we continue to grow, we’re looking for exceptional people to join our team and help drive impactful change across industries. Why Join AspenView? At AspenView, we’re more than a nearshore IT partner—we’re a people-first, purpose-driven company that believes great culture drives great outcomes. We’re passionate about connecting talent and technology to deliver measurable value for clients—and meaningful career paths for our people. Here’s what you can expect: Competitive base Comprehensive benefits and wellness supportFlexible work model: hybrid, remote, or in-officeReal growth opportunities and leadership visibilityInclusive, respectful culture that blends U.S. innovation with Colombian heartA company that listens, invests in you, and celebrates wins together The Security Engineer, Vulnerability & Attack Surface Management operates across the full vulnerability lifecycle. You will act as the technical engine of the VM program, transforming it from a reactive process into a proactive, intelligence-driven capability. By embedding AI across scanning, triage, and remediation, you will ensure high-risk vulnerabilities are addressed before exploitation across IT, cloud, and OT-adjacent environments. What you will do: AI-Driven Scanning & Prioritization Design and operate AI-augmented vulnerability scanning pipelines across IT, cloud, and hybrid environments.Deploy and tune AI-driven prioritization models combining CVSS, EPSS, CISA KEV, threat intelligence, and asset criticality.Correlate vulnerability data with live threat intelligence and active exploit activity to keep prioritization models current and accurate. Automated Remediation & Workflows Build and maintain automated remediation workflows, including AI-generated ticket creation and resolution tracking through ITSM platforms.Monitor SLA compliance across workflows using automated alerting and predictive SLA breach detection.Produce AI-generated operational dashboards and executive reporting to translate raw vulnerability data into clear risk narratives. Attack Surface & Asset Management Maintain asset inventory accuracy and CMDB integrations, using AI-assisted asset discovery to identify shadow IT and coverage gaps.Contribute to attack surface management using AI-powered exposure analysis to map external trends and model risk reduction scenarios.Support exception documentation and compensating control tracking through structured, audit-ready workflows. Tools & Technologies: Scanning Platforms: Tenable Nessus, Qualys VMDR, Rapid7 InsightVM, or Microsoft Defender Vulnerability Management.Risk Scoring: CVSS v3/v4, EPSS, CISA KEV, and asset-criticality-based prioritization frameworks.ASM Platforms: Cortex Xpanse, Microsoft Defender EASM, or Axonius.Scripting & ITSM: ServiceNow, Jira, Python, and PowerShell. What you bring: Experience: 4-6+ years in cybersecurity with a primary focus on vulnerability management, attack surface management, or security operations.Certification: Security+ or GEVA preferred; vendor certifications (Tenable, Qualys) or AI/ML security coursework are a strong plus.Communication: Strong analytical skills with the ability to translate AI-generated vulnerability insights into risk narratives for technical teams and executive stakeholders.Collaboration: Effective at driving remediation velocity across IT, cloud, and application teams using data to influence prioritization. Equal Opportunity Employer: AspenView is proud to be an equal opportunity employer. We believe in creating an environment where all employees feel welcome, valued, and empowered to succeed. We celebrate diversity and strive to build a culture of inclusion where all individuals, regardless of their race, color, gender, gender identity or expression, sexual orientation, disability, age, or any other characteristic, can thrive. We encourage applicants from all walks of life to join our team and make a lasting impact. Visa Sponsorship Disclaimer USA AspenView does not provide visa sponsorship for this role. Candidates must already be legally authorized to work in their country of residence. Locations: Denver, CO; São Paulo, Brazil