Senior Security Engineer, Vulnerability Management Expert

We are seeking a highly skilled and experienced Senior Security Engineer to join our dynamic team at Moderna. The ideal candidate will have extensive experience in vulnerability management, patch management, and incident response.

This role involves driving and executing vulnerability management processes, ensuring the security posture of enterprise assets, and supporting the incident response team.

• Develop and implement a comprehensive vulnerability management program.
• Conduct regular vulnerability assessments and penetration testing to identify security weaknesses.
• Continuously monitor and assess publicly disclosed vulnerabilities to determine their potential impact on enterprise assets.
• Provide detailed analysis and reports on identified vulnerabilities specific to Moderna's systems, assets, and environments, including risk assessments, mitigation recommendations, and remediation timelines.
• Stay up-to-date with the latest security threats, trends, and technologies to ensure the organization's security measures are current and effective, working closely with our Threat Intelligence team.
• Prioritize and coordinate remediation efforts of identified vulnerabilities across multi-functional engineering and manufacturing partners.
• Develop and maintain metrics to measure the effectiveness of the vulnerability management program.
• Perform security assessments of applications, systems, and networks to ensure compliance with security policies and standards.
• Collaborate with development and infrastructure teams to integrate vulnerability management into the software development lifecycle (SDLC).
• Act as a key member of the incident response team to investigate and mitigate security incidents.
• Provide expertise and guidance during security incidents to ensure timely and effective resolution.
• Develop, review, and update security policies, procedures, and standards to enhance the security posture of the organization.
• Ensure compliance with relevant regulations and industry standards.
• Provide leadership and mentorship to junior security engineers and other IT staff.
• Work closely with cross-functional teams, including IT, development, and operations, to ensure alignment on security initiatives.
• Communicate effectively with executive leadership and other stakeholders regarding security risks and mitigation strategies.

• 6+ years of experience in information security, with a focus on vulnerability management.
• Experience with cloud security (AWS, Azure, GCP).
• Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
• Knowledge of scripting and automation tools (e.g., Python, PowerShell).

• Strong knowledge of vulnerability management tools (e.g., Qualys, Nessus, Rapid7) and techniques.
• Experience with security assessment methodologies and penetration testing tools.
• In-depth understanding of security frameworks and standards (e.g., NIST, ISO 27001, CIS).
• Proven experience in incident response and handling security incidents.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.

• Highly competitive and inclusive medical, dental, and vision coverage options.
• Flexible Spending Accounts for medical expenses and dependent care expenses.
• Lifestyle Spending Account funds to help you engage in personal enrichment and self-care activities.
• Family care benefits, including subsidized back-up care options and on-demand tutoring.
• Free premium access to fitness, nutrition, and mindfulness classes.
• Exclusive preferred pricing on Peloton fitness equipment.
• Adoption and family-planning benefits.
• Dedicated care coordination support for our LGBTQ+ community.
• Generous paid time off, including vacation, sick time, and holidays.
• Volunteer time to participate within your community.
• Discretionary year-end shutdown.
• Paid sabbatical after 5 years; every 3 years thereafter.
• Generous Paid Leave offerings, including 18 weeks of 100% paid parental leave for all new parents.
• 401k match and Financial Planning tools.
• Moderna-paid Life, LTD, and STD insurance coverages, as well as voluntary benefit options.
• Complimentary concierge service including home services research, travel booking, and entertainment requests.
• Free parking or subsidized commuter passes.
• Location-specific perks and extras.

Since our founding in 2010, we have aspired to build the leading mRNA technology platform, the infrastructure to reimagine how medicines are created and delivered, and a world-class team.

We believe in giving our people a platform to change medicine and an opportunity to change the world.

By living our mission, values, and mindsets every day, our people are the driving force behind our scientific progress and our culture.

Together, we are creating a culture of belonging and building an organization that cares deeply for our patients, our employees, the environment, and our communities.

We are proud to have been recognized as a Science Magazine Top Biopharma Employer, a Fast Company Best Workplace for Innovators, and a Great Place to Work in the U.S.

As we build our company, we have always believed an in-person culture is critical to our success. Moderna champions the significant benefits of in-office collaboration by embracing a 70/30 work model. This 70% in-office structure helps to foster a culture rich in innovation, teamwork, and direct mentorship.

Join us in shaping a world where every interaction is an opportunity to learn, contribute, and make a meaningful impact.

If you want to make a difference and join a team that is changing the future of medicine, we invite you to visit to learn more about our current opportunities.

Moderna is a smoke-free, alcohol-free, and drug-free work environment.

Moderna is a place where everyone can grow. If you meet the Basic Qualifications for the role and you would be excited to contribute to our mission every day, please apply.

Moderna is proud to be an equal opportunity workplace and is an affirmative action employer.

Moderna is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry or citizenship, ethnicity, disability, military or protected veteran status, genetic information, sexual orientation, marital or familial status, or any other personal characteristic protected under applicable law.

Moderna is an E-Verify Employer in the United States. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Belonging, Inclusion, and Diversity are critical to the success of our company and our impact on society.

We're focused on attracting, retaining, developing, and advancing our employees and believe that by cultivating diverse experiences, backgrounds, and ideas, we can provide an environment where every employee is able to contribute their best.

Moderna is committed to offering reasonable accommodations to qualified job applicants with disabilities. Any applicant requiring an accommodation in connection with the hiring process and/or to perform the essential functions of the position for which the applicant has applied should contact the Accommodations team at (EEO/AAP Employer).