1

Vulnerability Management Jobs in Raleigh, NC (NOW HIRING)

Manage the full vulnerability lifecycle, including embargo handling, coordinated disclosure (CVD), CVE-ID requests, and publication of Security Advisories. Work with external stakeholders such as ...

You will lead vulnerability management and firmware/software coding tasks for various UEFI/BIOS, BMC, and microcontroller (MCU) applications across our product line, including motherboards and ...

You will lead vulnerability management and firmware/software coding tasks for various UEFI/BIOS, BMC, and microcontroller (MCU) applications across our product line, including motherboards and ...

You will lead vulnerability management and firmware/software coding tasks for various UEFI/BIOS, BMC, and microcontroller (MCU) applications across our product line, including motherboards and ...

Vulnerability management * Identity and access management * Encryption and key management * Experience owning or supporting PCI-DSS and similar frameworks * Proven ability to influence cross ...

Providing remediation consulting services to assigned development teams. * Assist with vulnerability management reporting and tracking. * Coordinating third-party penetration testing engagements ...

Providing remediation consulting services to assigned development teams. * Assist with vulnerability management reporting and tracking. * Coordinating third-party penetration testing engagements ...

next page

Showing results 1-20

Vulnerability Management information

See Raleigh, NC salary details

$5

$59

$82

How much do vulnerability management jobs pay per hour?

As of Jul 16, 2026, the average hourly pay for vulnerability management in Raleigh, NC is $59.36, according to ZipRecruiter salary data. Most workers in this role earn between $49.03 and $70.40 per hour, depending on experience, location, and employer.

What are the common challenges faced in a Vulnerability Management role?

Professionals in Vulnerability Management often encounter challenges such as rapidly evolving threat landscapes, prioritizing remediation efforts among numerous vulnerabilities, and ensuring continuous communication between technical and non-technical stakeholders. They may also need to adapt to changing regulatory requirements and work within tight deadlines to protect the organization from emerging risks. As part of this role, you'll collaborate regularly with IT, security, and business teams to ensure remediation steps are effectively implemented. Continuous learning and adaptability are important, as technologies and attack vectors change frequently in this field. Being proactive and detail-oriented will help you address these challenges and advance your career in cybersecurity.

What are the key skills and qualifications needed to thrive in the Vulnerability Management position, and why are they important?

To thrive in Vulnerability Management, you need a strong understanding of cybersecurity principles, network protocols, and risk assessment, typically supported by a relevant degree and experience in information security. Familiarity with vulnerability scanning tools (such as Nessus or Qualys), security frameworks, and industry certifications like CISSP or CompTIA Security+ is highly valued. Exceptional analytical thinking, communication skills, and an ability to work collaboratively across IT and business teams help professionals excel in this field. These competencies are crucial to effectively identifying, prioritizing, and mitigating security risks in dynamic organizational environments.

What is a Vulnerability Management job?

A Vulnerability Management job involves identifying, assessing, prioritizing, and mitigating security vulnerabilities in an organization's systems, networks, and applications. Professionals in this role use tools like vulnerability scanners and threat intelligence to detect weaknesses and coordinate remediation efforts with IT and security teams. They also establish policies, monitor security risks, and ensure compliance with industry standards. The goal is to reduce the organization's exposure to cyber threats and improve overall security posture.

What are the most commonly searched types of Vulnerability Management jobs in Raleigh, NC? The most popular types of Vulnerability Management jobs in Raleigh, NC are:
What are popular job titles related to Vulnerability Management jobs in Raleigh, NC? For Vulnerability Management jobs in Raleigh, NC, the most frequently searched job titles are:
What job categories do people searching Vulnerability Management jobs in Raleigh, NC look for? The top searched job categories for Vulnerability Management jobs in Raleigh, NC are:
What cities near Raleigh, NC are hiring for Vulnerability Management jobs? Cities near Raleigh, NC with the most Vulnerability Management job openings:
Infographic showing various Vulnerability Management job openings in Raleigh, NC as of July 2026, with employment types broken down into 67% Full Time, and 33% Contract. Highlights an 67% In-person, and 33% Remote job distribution, with an average salary of $123,460 per year, or $59.4 per hour.
DevSecOps Engineer

DevSecOps Engineer

Computer World Services

Morrisville, NC • On-site

Full-time

Posted 29 days ago


Job description

Computer World Services Corp. (CWS) is seeking a highly motivated and technically skilled DevSecOps Engineer responsible for the analysis, design, implementation, automation, security, testing, deployment, and lifecycle management of enterprise applications and supporting infrastructure within the NIEHS environment.
The DevSecOps Engineer combines business systems analysis expertise with modern software engineering, infrastructure automation, cybersecurity, and platform operations capabilities to support secure, scalable, and highly available enterprise applications. This position serves as a key contributor in integrating development, security, and operations practices throughout the Software Development Lifecycle (SDLC), ensuring compliance with Federal security requirements and supporting enterprise modernization initiatives.
The DevSecOps Engineer works closely with software developers, database administrators, systems engineers, cybersecurity personnel, project managers, and business stakeholders to deliver secure, reliable, and automated application solutions supporting NIEHS mission requirements.
Key Tasks & Responsibilities
Engineering and CI/CD Automation
• Design, implement, maintain, and optimize enterprise CI/CD pipelines supporting software development and deployment activities.
• Develop automated workflows for code integration, testing, security validation, packaging, release management, and deployment.
• Administer and support CI/CD platforms including:
  • Jenkins
  • GitLab CI/CD
  • GitHub Actions

• Support source code management platforms and branching strategies.
• Implement deployment automation across development, integration, testing, staging, and production environments.
• Monitor pipeline performance and continuously improve delivery efficiency and reliability.
• Migrate software builds through development, testing, integration, and production environments.
• Monitor deployment activities and remediate deployment failures within established service level agreements.
Infrastructure as Code and Automation
• Develop and maintain Infrastructure as Code (IaC) solutions using Terraform.
• Implement automated configuration management using Ansible.
• Develop reusable infrastructure modules, templates, and automation frameworks.
• Automate operational, administrative, and deployment processes.
• Support environment standardization and infrastructure modernization initiatives.
• Implement automated provisioning and configuration management capabilities across enterprise environments.
Container Platform Engineering
• Support containerized application deployments using Docker and Kubernetes platforms.
• Administer Rancher-managed Kubernetes environments.
• Manage container image lifecycle processes and private container registries.
• Implement container security best practices and vulnerability remediation procedures.
• Support runtime security monitoring and compliance initiatives.
• Assist application teams with container adoption, deployment patterns, and troubleshooting.
Application Security and Integration
• Integrate security controls and automated testing throughout the Software Development Lifecycle.
• Configure and maintain application security tools including:
  • OpenText Fortify (SAST)
  • Dynamic Application Security Testing (DAST)
  • Software Composition Analysis (SCA)
  • Secrets Management and Scanning Tools

• Review vulnerability findings and collaborate with development teams to remediate issues.
• Implement automated security gates and quality control processes.
• Support secure software development initiatives aligned with Federal security requirements.
• Promote DevSecOps best practices across development and operations teams.
Vulnerability Management and Compliance
• Support vulnerability management activities using Tenable and related security platforms.
• Conduct vulnerability assessments, remediation tracking, and risk analysis.
• Develop mitigation strategies when vulnerabilities cannot be remediated within required service levels.
• Coordinate mitigation approvals with Information System Security Officers (ISSOs).
• Implement approved mitigation plans following established change management procedures.
• Maintain compliance with:
  • FISMA
  • NIST 800-53
  • NIST Secure Software Development Framework (SSDF)
  • NIH and HHS security policies
  • Zero Trust Architecture principles

• Support audit readiness and compliance reporting activities.
Required Technical Skills
CI/CD and Automation
• Jenkins
• GitLab CI/CD
• GitHub Actions
• Git-based Source Control
• Release Management
Infrastructure Automation
• Terraform
• Ansible
• Infrastructure as Code (IaC)
• Configuration Management
Container Technologies
• Docker
• Kubernetes
• Rancher
Security
• OpenText Fortify
• SAST
• DAST
• Software Composition Analysis (SCA)
• Secrets Management
• Tenable Vulnerability Management
Programming and Scripting
• Python
• JavaScript / TypeScript
• Java
• C#
• PHP
• REST APIs
Enterprise Platforms
• Windows Server
• Red Hat Enterprise Linux (RHEL)
• Microsoft SQL Server
• Oracle Database
Education & Experience
Education
  • Bachelor's degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience)

Experience
  • Three (3) to seven (7) years of experience in DevOps, DevSecOps, Systems Engineering, Platform Engineering, Infrastructure Automation, or a related technical discipline.
  • Experience building or supporting CI/CD pipelines in enterprise environments.
  • Experience working with Git-based source control systems.
  • Experience supporting Windows and Linux environments.
  • Experience developing automation scripts and tools.

Certifications
Below certifications or similar are a plus, but not required:
  • Security+
  • Terraform Associate
  • Certified Kubernetes Application Developer (CKAD)
  • Certified Kubernetes Administrator (CKA)
  • GitLab CI/CD Certification
  • Azure Fundamentals or equivalent cloud certification
  • Certified DevSecOps Professional
  • ITIL Foundation

Security Clearance
  • Applicants must be able to obtain a Public Trust clearance

Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.
Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at [email protected].
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.