Threat & Vulnerability Management Engineer

The Opportunity

QuidelOrtho unites the strengths of Quidel Corporation and Ortho Clinical Diagnostics, creating a world-leading in vitro diagnostics company with award-winning expertise in immunoassay and molecular testing, clinical chemistry and transfusion medicine. We are more than 6,000 strong and do business in over 130 countries, providing answers with fast, accurate and consistent testing where and when they are needed most – home to hospital, lab to clinic.

Our culture puts our team members first and prioritizes actions that support happiness, inspiration and engagement. We strive to build meaningful connections with each other as we believe that employee happiness and business success are linked. Join us in our mission to transform the power of diagnostics into a healthier future for all.

The Role

As we continue to grow as QuidelOrtho, we are seeking a Threat & Vulnerability Management Engineer/Analyst to support our cybersecurity team. This highly skilled Penetration Tester with expertise in Tenable.io to join our dynamic cybersecurity team. The Penetration Tester will be responsible for conducting network, application, and cloud-based penetration testing while utilizing Tenable.io for vulnerability scanning, analysis, and reporting. The successful candidate will assess the security of our systems, identify weaknesses, and provide actionable recommendations to mitigate risks.

This position will be working in a hybrid schedule in San Diego, CA or Raritan, NJ (2-3 days onsite).

The Responsibilities

• Perform in-depth penetration tests on networks, web applications, APIs, mobile applications, cloud infrastructures, and IoT devices.
• Simulate various attack scenarios to identify vulnerabilities, weaknesses, and potential risks in the organization's security posture.
• Develop and execute both manual and automated testing methodologies to assess the organization's infrastructure.
• Conduct comprehensive vulnerability assessments using Tenable.io, including network scanning, agent deployment, and asset discovery.
• Analyze and interpret Tenable.io scan results, prioritizing vulnerabilities based on risk and impact.
• Assist with the deployment, configuration, and maintenance of Tenable.io within the organization.
• Prepare detailed reports summarizing findings, risks, and recommended remediation steps for stakeholders.
• Collaborate with development and infrastructure teams to advise on remediation efforts and provide security expertise.
• Perform retesting of vulnerabilities to validate remediation actions.
• Contribute to the improvement of security testing procedures, methodologies, and toolsets.
• Stay up to date with the latest security trends, threats, and best practices to improve testing methods.
• Provide security training and awareness to internal teams as needed.
• Work closely with other cybersecurity professionals, IT teams, and external vendors to address security vulnerabilities.
• Provide consultation and recommendations for improving overall security posture based on penetration testing results.
• Strong communications skills with the ability to explain technical concepts in layman terms.
• Perform other work-related duties as assigned.

The Individual

Required:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (equivalent experience will be considered).
• Proven experience as a Penetration Tester with a strong understanding of common security vulnerabilities (e.g., OWASP Top 10, MITRE ATT&CK).
• Hands-on experience with Tenable.io, including deployment, configuration, and reporting. 
• Experience with scripting languages (e.g., Python, Bash) and penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
• Strong knowledge of vulnerability scanning, risk assessment, and remediation techniques.
• Proficiency in network and application security principles, testing frameworks, and methodologies.
• Excellent communication skills for preparing reports and communicating technical details to non-technical stakeholders.
• Ability to travel up to 5%.

Preferred:

• Experience with Rapid7
• Relevant certifications such as OSCP, CEH, GPEN, GWAPT, or similar.
•  Tenable.io-specific certifications.

The Key Working Relationships

Internal Partners:

• All levels of the organization.

External Partners:

• Vendors and Customers.

The Work Environment

No strenuous physical activity, though occasional light lifting of files and related materials is required. 30% of time in meetings, working with team, or talking on the phone, 70% of the time at the desk on computer, doing analytical work. Minimal travel required. Travel includes airplane, automobile travel and overnight hotel.

Physical Demands

Typically, 40% of time in meetings; 60% of time at the desk on computer/doing paperwork/ on phone, doing analytical work. Walking, standing, and sitting for long periods of time are routine to accomplish tasks in this role. Specific vision abilities required by this job include close and distance vision and the ability to adjust focus. Ability to travel on short term notice.

Salary Transparency

The salary range for this position takes into account a wide range of factors including education, experience, knowledge, skills, geography, and abilities of the candidate, in addition to internal equity and alignment with market data. At QuidelOrtho, it is not typical for an individual to be hired at or near the top range for their role and compensation decisions are dependent on the facts and circumstances of each case. The salary range for this position is $95,000 - $110,000. QuidelOrtho offers a comprehensive benefits package including medical, dental, vision, life, and disability insurance, along with a 401(k) plan, employee assistance program, Employee Stock Purchase Plan, paid time off (including sick time), and paid Holidays. All benefits are non-contractual, and QuidelOrtho may amend, terminate, or enhance the benefits provided, as it deems appropriate.

Equal Opportunity

QuidelOrtho believes in Equal Opportunity for all and is committed to ensuring all individuals, including individuals with disabilities, have an opportunity to apply for those positions that they are interested in and qualify for without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. QuidelOrtho is also committed to providing reasonable accommodations to qualified individuals so that an individual can perform the duties. If you are interested in applying for an employment opportunity and require special assistance or an accommodation to apply due to a disability, please contact us at [email protected].