Skip to content
mimi

Mobile Device Vulnerability Management & Configuration Compliance Engineer

Jobs via Dice

New York · On-site Contract Mid Level 1mo ago

About the role

About

Seeking a Mobile Device Vulnerability Management & Configuration Compliance Engineer with expertise in iOS/iPadOS & Android security, MDM/UEM platforms, vulnerability management, configuration compliance, SIEM/SOAR integrations, automation scripting, and enterprise mobile security operations.

Job Details

  • Role: Mobile Device Vulnerability Management & Configuration Compliance Engineer
  • Employment Type: Contract (C2C)
  • Location: Springfield MA, Boston MA, New York City NY, Jersey City NJ
  • Experience: 5–8+ years (2–4+ specifically in mobile/UEM security, vulnerability management, or compliance)

Key Responsibilities

  • Define PoT scope, success criteria, and test plans for automated mobile vulnerability scanning
  • Evaluate candidate tools for coverage, detection accuracy, scalability, privacy, and reporting fidelity
  • Execute pilots validating vulnerability detection (OS versions, CVEs, patch levels, risky apps) and configuration compliance (encryption, jailbreak/root, screen lock, OS hardening)
  • Produce PoT outcomes including findings, risk analysis, cost/benefit, architecture decisions, and recommendations
  • Coordinate with InfoSec and Compliance teams to meet regulatory requirements (e.g., NYDFS)
  • Build and run mobile vulnerability lifecycle processes: discovery, assessment, prioritization, remediation, validation, and reporting
  • Develop severity/risk scoring tuned for mobile devices
  • Coordinate remediation with endpoint engineering, mobility admins, app owners, and operations teams
  • Validate remediation effectiveness via scanner re-runs and policy compliance checks
  • Develop, deploy, and maintain baseline security configurations for iOS/iPadOS and Android
  • Translate requirements into enforceable security policies
  • Implement compliance monitoring and drift detection; drive automated corrective actions
  • Build automation scripts and APIs to normalize and enrich findings
  • Support change management and training for operations teams
  • Deliver documentation: PoT plans, architecture diagrams, operational runbooks, audit evidence

Required Skills

  • Mobile OS security: iOS/iPadOS and Android security models, patching, app ecosystems, jailbreak/root detection
  • Vulnerability management: CVE/patch lifecycle, risk prioritization, SLAs, metrics
  • Configuration compliance: baseline hardening, policy enforcement, continuous monitoring, drift remediation
  • Mobility scanning tools: Qualys Mobile VMDR, Lookout, Workspace ONE + Microsoft Threat Defense, or equivalent
  • MDM experience: Microsoft Intune, Omnissa Workspace ONE, Jamf Pro, or equivalent
  • Enterprise integration: API integration, data normalization, automation with SIEM/SOAR/ITSM
  • Identity & access: conditional access, device compliance states, SSO, certificates, MFA, posture-based access controls
  • Scripting/automation: PowerShell or Python; REST APIs, JSON, OAuth, secrets management
  • Documentation: PoT plans, architecture diagrams, operational runbooks, audit evidence
  • Strong analytical, problem-solving, and stakeholder management skills
  • Ability to work independently and across multifunctional teams
  • Familiarity with NIST, CIS Benchmarks, DISA STIG (mobile), ISO 27001 or similar frameworks

Educational Requirements

  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Engineering, or equivalent practical experience

Certifications (Relevant / Preferred)

  • CompTIA Security+, CySA+
  • GIAC: GSEC, GMON
  • Qualys / Rapid7 / Tenable certifications (or equivalent)
  • Governance / Risk / Architecture (bonus)
  • CISSP, CISM, CCSP
  • ITIL Foundation (for ITSM integration)

Experience Level

  • 5–8+ years in cybersecurity/endpoint security
  • 2–4+ years specifically in mobile/UEM security, vulnerability management, or compliance engineering

Please share your updated resume and a good time for a quick conversation.

Looking forward to your response.

Skills

APICIS BenchmarksCompTIA Security+Computer ScienceConfiguration complianceCybersecurityDISA STIGEngineeringGIACInformation SystemsiOSiPadOSISO 27001Jamf ProJSONLookoutMFAMicrosoft IntuneMobile OS securityMobility scanning toolsNISTOAuthPatch lifecyclePowerShellPythonQualys Mobile VMDRRapid7REST APIsRisk prioritizationSecurity policiesSIEMSOARSSOTenablesThreat DefenseVulnerability managementWorkspace ONE

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free