About the role
Group 1001is a consumer-centric, technology-driven family of insurance companies on a mission to deliver outstanding value and operational performance by combining financial strength and stability with deep insurance expertise and a can-do culture. Group1001’s culture emphasizes the importance of collaboration, communication, core business focus, risk management, and striving for outcomes. This goal extends to how we hire and onboard our most valuable assets – our employees.
Why This Role Matters:
As a Senior Vulnerability Management Engineer at Group 1001, you are equal parts security practitioner and infrastructure engineer. You will combine your deep vulnerability expertise with systems engineering prowess to identify, prioritize, and drive remediation of risks across cloud, on-prem, applications, and OT/embedded systems.
You will be responsible for shaping the Vulnerability Management function into a system optimized with significant automation. Your goal is to discover, contextualize, and mitigate the increasingly rapid volume, velocity, and nature of vulnerability exploitation in a post-AI world. This role exists to deliver this goal by using systems for discovery, assessment, contextual prioritization, and assignment to the responsible technology owners. Where human effort is required, your expertise helps navigate the edge cases, framework tuning, and hardening the pipeline.
How You'll Contribute:
- Own the end-to-end vulnerability management pipeline: asset discovery > scanning > enrichment > prioritization > assignment > verification > closure.
- Build, codify, and iterate a data-driven prioritization framework (blending CVSS, EPSS, KEV, exploit availability, asset criticality, exposure/reachability, compensating controls, and business context).
- Automate the full workflow via SOAR playbooks, webhooks, REST/GraphQL APIs, message queues, and custom scripts where needed.
- Develop and improve KPIs, metrics, and trending for vulnerability management functions, and bring leadership attention to root-cause issues driving systemic vulnerability risk.
- Integrate scanners, CMDB/asset inventory, EDR, cloud providers (AWS/Azure/GCP), and others into a single pipeline for management.