Vulnerability Management Engineer

We are CONNECTING HEALTH AND WEALTH. Come be part of remarkable. 

How you can make a difference

Join HealthEquity as a Vulnerability Management Engineer and lead key security initiatives that protect critical assets while driving business success! In this role, you’ll set strategic direction for security standards, working closely with both the Security Technology and Tools team and cross-functional leaders across the organization. You'll play a pivotal role in identifying, addressing, and mitigating security risks, threats, and vulnerabilities. With your deep knowledge of industry security standards (NIST, ISO27001/2, CIS Top 20 Controls), you'll ensure we have top-tier security controls in place. You’ll influence and collaborate with technology and business leaders to balance business opportunities with security risk, while leading efforts to secure HealthEquity’s environment. Reporting to the Director of Security Technology and Tools, you’ll also help shape the security strategy. Experience with Tenable.sc is preferred—if you're ready to make an impact and help protect a growing company, we’d love to hear from you!

What you’ll be doing (Job Duties & Responsibilities)

• Review and analyze vulnerability data to identify trends and patterns.
• Facilitate vulnerability management meetings as needed.
• Advise and assist remediation teams in prioritizing vulnerability fixes and developing remediation plans.
• Perform risk-based assessments of technical vulnerabilities and security risks for on-premise and cloud-based services.
• Lead efforts to integrate new security technologies, ensuring a robust security tool stack to address threats and gaps.
• Build and present cases for adopting new technologies to mitigate emerging risks or address identified gaps.
• Identify and lead security controls for both large and small technology initiatives, leveraging strong IT risk, security, and compliance experience.
• Lead the development and consolidation of security metrics to assess the Cybersecurity program’s progress.
• Apply leading information security frameworks (NIST, ISO27001/2, CIS Top 20) to develop appropriate security measures.
• Utilize automation, scripting, and business intelligence tools (PowerShell, Python, PowerBI, Tableau) to improve processes and reporting.
• Self-manage cybersecurity policy and standards updates.
• Build strong relationships with technical teams to serve as a trusted security advisor.
• Contribute to the strategic direction of the Technical Security team by designing and implementing security tools that enhance customer trust and detect suspicious activity.

What you will need to be successful (Skills, Knowledge, & Experience)

• 4+ years of experience in security vulnerability management, including vulnerability scanning, assessment, and remediation.
• Hands-on experience with Tenable.sc or other leading vulnerability management tools.
• Strong knowledge of security vulnerabilities, risk assessment, and mitigation strategies.
• Proven ability to prioritize and remediate vulnerabilities in collaboration with IT, security, and development teams.
• Familiarity with developing and implementing vulnerability management processes and policies.
• Experience with compliance standards and regulatory requirements related to vulnerability management (e.g., PCI-DSS, HIPAA).
• Knowledge of current and emerging security threats, trends, and best practices.
• Excellent communication skills to report on vulnerability statuses and provide recommendations to stakeholders.
• Experience with incident response related to vulnerabilities is a plus.
• Industry certifications such as CISSP, CEH, or GIAC are preferred.

#LI-Remote

This is a remote position.

The compensation range describes the typical minimum or maximum base pay range for this position. The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:

• Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Uncapped paid time off
• Adventure accounts
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education & tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives

Why work for HealthEquity 

HealthEquity has a vision that by 2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more. 

Come be your authentic self

HealthEquity, Inc. is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity’s applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity is committed to your privacy as an applicant for employment.  For information on our privacy policies and practices, please visit HealthEquity Privacy.