Mobile Device Vulnerability Management Engineer

Seeking a Mobile Device Vulnerability Management & Configuration Compliance Engineer with expertise in iOS/iPadOS & Android security, MDM/UEM platforms, vulnerability management, configuration compliance, SIEM/SOAR integrations, automation scripting, and enterprise mobile security operations.

Job Details

• Role: Mobile Device Vulnerability Management & Configuration Compliance Engineer
• Employment Type: Contract (C2C)
• Location: Springfield MA, Boston MA, New York City NY, Jersey City NJ
• Experience: 5–8 years (2–4 specifically in mobile/UEM security, vulnerability management, or compliance)

Key Responsibilities

• Define PoT scope, success criteria, and test plans for automated mobile vulnerability scanning
• Evaluate candidate tools for coverage, detection accuracy, scalability, privacy, and reporting fidelity
• Execute pilots validating vulnerability detection (OS versions, CVEs, patch levels, risky apps) and configuration compliance (encryption, jailbreak/root, screen lock, OS hardening)
• Produce PoT outcomes including findings, risk analysis, cost/benefit, architecture decisions, and recommendations
• Coordinate with InfoSec and Compliance teams to meet regulatory requirements (e.g., NYDFS)
• Build and run mobile vulnerability lifecycle processes: discovery, assessment, prioritization, remediation, validation, and reporting
• Develop severity/risk scoring tuned for mobile devices
• Coordinate remediation with endpoint engineering, mobility admins, app owners, and operations teams
• Validate remediation effectiveness via scanner re-runs and policy compliance checks
• Develop, deploy, and maintain baseline security configurations for iOS/iPadOS and Android
• Translate requirements into enforceable security policies
• Implement compliance monitoring and drift detection; drive automated corrective actions
• Build automation scripts and APIs to normalize and enrich findings
• Support change management and training for operations teams
• Deliver documentation: PoT plans, architecture diagrams, operational runbooks, audit evidence

Required Skills

• Mobile OS security: iOS/iPadOS and Android security models, patching, app ecosystems, jailbreak/root detection
• Vulnerability management: CVE/patch lifecycle, risk prioritization, SLAs, metrics
• Configuration compliance: baseline hardening, policy enforcement, continuous monitoring, drift remediation
• Mobility scanning tools: Qualys Mobile VMDR, Lookout, Workspace ONE Microsoft Threat Defense, or equivalent
• MDM experience: Microsoft Intune, Omnissa Workspace ONE, Jamf Pro, or equivalent
• Enterprise integration: API integration, data normalization, automation with SIEM/SOAR/ITSM
• Identity & access: conditional access, device compliance states, SSO, certificates, MFA, posture-based access controls
• Scripting/automation: PowerShell or Python; REST APIs, JSON, OAuth, secrets management
• Documentation: PoT plans, architecture diagrams, operational runbooks, audit evidence
• Strong analytical, problem-solving, and stakeholder management skills
• Ability to work independently and across multifunctional teams
• Familiarity with NIST, CIS Benchmarks, DISA STIG (mobile), ISO 27001 or similar frameworks

Educational Requirements

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Engineering, or equivalent practical experience

Certifications (Relevant / Preferred)

• CompTIA Security , CySA
• GIAC: GSEC, GMON
• Qualys / Rapid7 / Tenable certifications (or equivalent)
• Governance / Risk / Architecture (bonus)
• CISSP, CISM, CCSP
• ITIL Foundation (for ITSM integration)

Experience Level

• 5–8 years in cybersecurity/endpoint security
• 2–4 years specifically in mobile/UEM security, vulnerability management, or compliance engineering

Please share your updated resume and a good time for a quick conversation.

Looking forward to your response.

Salary : $50 - $60