Starr
Commercial Insurance
Vulnerability Management & Response Engineer
Neural analysis suggests this role is optimal for Mid+ candidates.
“Vulnerability Management & Response Engineer at Starr. Skills: Vulnerability Management, Tenable administration, Remediation outcomes. Operate VM program. Improve enterprise VM program”
What You'll Achieve.
Meet remediation SLAs; Mature VM program
Industry & Context.
Troubleshooting
What They're Looking For.
Must Have
5+ years enterprise VM program, Hands-on Tenable experience, Deep understanding CVSS, Experience leading patching strategies, Documentation skills, Process improvement skills, Ability to collaborate across teams
Nice to Have
Integrating VM tools with SOAR, Integrating VM tools with SIEM, Integrating VM tools with ticketing platforms, Knowledge of container security, Knowledge of cloud-native security, Knowledge of API-based vulnerability, CMDB reconciliation experience, Asset discovery experience, Presenting technical risk summaries
What You'll Do.
Improve enterprise VM program
Identify vulnerabilities
Assess vulnerabilities
Prioritize vulnerabilities
Drive risk-informed decisions
Facilitate remediations
Partner with Infrastructure
Partner with Development
Partner with Compliance
Maintain scanning coverage
Meet remediation SLAs
Configure Tenable scans
Schedule Tenable scans
Monitor Tenable coverage
Manage Tenable credentials
Troubleshoot Tenable results
Assign remediation tasks
Validate remediation tasks
Define remediation SLAs
Maintain remediation SLAs
Enforce remediation SLAs
Integrate Tenable findings
Integrate remediation workflows
Enable automated assignment
Enable automated tracking
Enable automated validation
Reconcile Tenable output
Validate scanner coverage
Validate asset ownership
Validate data quality
Maintain exception register
Document risk acceptance
Document compensating controls
Document expiration controls
Run VM governance cadence
Review backlog health
Review scanner coverage
Review tool integrations
Support internal audit
Support regulatory review
Provide audit evidence
Provide audit metrics
Provide audit narratives
How You'll Work.
Team & Collaboration
Infrastructure teams; Development teams; Risk teams; Compliance teams; Asset owners
Full Job Description
**Join Starr, a global leader in commercial insurance with over a century of expertise. We empower our employees to innovate, make impactful decisions, and build lasting client relationships worldwide. At Starr, you'll work in an entrepreneurial culture alongside accessible leaders, leveraging our financial strength and vast industry experience to deliver solutions for our clients, no matter how complex. Grow your career with a rapidly growing company that invests in its people and their ability to drive real progress.**

## Position Summary

We are seeking a highly skilled Vulnerability Management & Response Engineer to help operate and continuously improve our enterprise Vulnerability Management (VM) program. This role is responsible for owning core VM processes end-to-end—identification, assessment, prioritization, exception handling, remediation tracking, and validation—across on-premises and cloud environments using Tenable. The position drives risk-informed decisions and facilitates remediations with the asset owners.

This role will partner cross-functionally with Infrastructure, Development, Risk, and Compliance teams to maintain continuous scanning coverage, meet remediation SLAs, and mature the VM program through automation, reporting, and governance.

The ideal candidate has proven experience running a Vulnerability Management program at enterprise scale, with hands-on Tenable administration and a track record of driving remediation outcomes with asset owners.

## Key Responsibilities

* Own day-to-day operations of the Tenable platform (e.g., scan configuration, scheduling, coverage monitoring, credentials management, and results troubleshooting).
* Lead triage, assignment, and validation of vulnerability remediation tasks across infrastructure and application stakeholders.
* Define, maintain, and enforce SLA-based remediation, including escalation and executive reporting for SLA drift.
* Integrate Tenable findings and remediation workflows with SCCM, Intune,
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.