Senior Cybersecurity Engineer - Vulnerability Management

Overview

FactSet creates flexible, open data and software solutions for over 200,000 investment professionals worldwide, providing instant access to financial data and analytics that investors use to make crucial decisions.

At FactSet, our values are the foundation of everything we do. They express how we act and operate, serve as a compass in our decision-making, and play a big role in how we treat each other, our clients, and our communities. We believe that the best ideas can come from anyone, anywhere, at any time, and that curiosity is the key to anticipating our clients’ needs and exceeding their expectations.

Your Team’s Impact

We are seeking an experienced and strategic Senior Cybersecurity Engineer to lead and mature our Vulnerability Management (VM) program. The ideal candidate will bring deep technical expertise, strong problem-solving skills, and the ability to influence cross-functional teams. This role will drive end-to-end vulnerability lifecycle management, ensure timely remediation, and guide automation and process improvements across hybrid environments. Experience with Wiz, Tenable, cloud security, and infrastructure automation is required.

What You’ll Do

Program Leadership & Stakeholder Management

• Serve as a senior technical authority for vulnerability management and risk remediation.
• Partner with infrastructure, cloud, DevOps, and application teams to drive remediation accountability and SLA adherence.
• Influence remediation strategies and provide executive-ready reporting and recommendations.
• Mentor junior engineers and contribute to capability building within the security team.
• Track emerging threats and guide proactive vulnerability posture improvements.
  
  

• Lead risk-based vulnerability prioritization by correlating threat intelligence, exploitability, business impact, and asset criticality.
• Identify and escalate high-risk vulnerabilities and systemic issues impacting critical assets or business services.
• Develop risk scoring models and criteria to guide strategic remediation decisions.
• Evaluate external threat trends and map them to internal environments for proactive risk reduction.
• Translate complex vulnerability data into clear business risk narratives for leadership.
  
  

• Lead enterprise-wide vulnerability scanning and risk assessment across on-prem and cloud environments.
• Evaluate and prioritize vulnerabilities based on business risk, exploitability, and threat intelligence.
• Create executive dashboards and detailed technical reports to guide remediation.
• Manage vulnerability exceptions, scanning policies, and remediation workflows.
• Provide advanced technical guidance and remediation tactics to cross-functional teams.
• Oversee integration and continuous improvement of VM technologies and processes.
  
  

• Architect automation and integrations using Python, PowerShell, Bash, or REST APIs to optimize VM workflows.
• Develop scalable data pipelines and dashboards to support risk-based prioritization and SLA performance tracking.
• Build tools to streamline vulnerability triage, ticketing, and reporting processes.
• Automate detection and remediation of EOL systems and misconfigurations.
• Correlate vulnerability, threat, and asset data to support strategic risk decisions.
  
  

• Drive enhancements to VM policy, governance, workflows, and operational metrics.
• Lead troubleshooting of scanning issues, data integrity gaps, and configuration challenges.
• Establish best practices for secure configuration, patching, and risk reduction.
• Partner with infrastructure/security teams to enhance asset inventory and CMDB accuracy.
• Contribute to security roadmap development and adoption of new vulnerability capabilities.
  
  

• 6+ years experience in security engineering with focus on vulnerability management and automation.
• 2+ years developing advanced automation/scripts (Python, SQL, PowerShell, Bash).
• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Engineering, or equivalent experience.
• Hands-on expertise with Wiz (CSPM/CNAPP) and Tenable platforms (Nessus, Tenable.io, Tenable.sc).
• Strong OS security knowledge (Windows & Linux), patching, hardening, and configuration.
• Solid understanding of networking (TCP/IP, firewalls, VPNs, routing).
• Working knowledge of CI/CD pipelines, DevOps practices, and SDLC security integration.
• Experience securing AWS/Azure/GCP environments.
• Excellent communication, stakeholder alignment, and executive reporting skills.
• Proven track record driving complex vulnerability remediation programs to closure.
  
  

At FactSet, our people are our greatest asset, and our culture is our biggest competitive advantage. Being a FactSetter means:

• The opportunity to join an S&P 500 company with over 45 years of sustainable growth powered by the entrepreneurial spirit of a start-up.
• Support for your total well-being. This includes health, life, and disability insurance, as well as retirement savings plans and a discounted employee stock purchase program, plus paid time off for holidays, family leave, and company-wide wellness days.
• Flexible work accommodations. We value work/life harmony and offer our employees a range of accommodations to help them achieve success both at work and in their personal lives.
• A global community dedicated to volunteerism and sustainability, where collaboration is always encouraged, and individuality drives solutions.
• Career progression planning with dedicated time each month for learning and development.
• Business Resource Groups open to all employees that serve as a catalyst for connection, growth, and belonging.
  
  

Salary is just one component of our compensation package and is based on several factors including but not limited to education, work experience, and certifications.

Company Overview

FactSet (NYSE:FDS | NASDAQ:FDS) helps the financial community to see more, think bigger, and work better. Our digital platform and enterprise solutions deliver financial data, analytics, and open technology to more than 8,200 global clients, including over 200,000 individual users. Clients across the buy-side and sell-side, as well as wealth managers, private equity firms, and corporations, achieve more every day with our comprehensive and connected content, flexible next-generation workflow solutions, and client-centric specialized support. As a member of the S&P 500, we are committed to sustainable growth and have been recognized among the Best Places to Work in 2023 by Glassdoor as a Glassdoor Employees’ Choice Award winner. Learn more at www.factset.com and follow us on X and LinkedIn.

At FactSet, we celebrate difference of thought, experience, and perspective. Qualified applicants will be considered for employment without regard to characteristics protected by law.