Mobile Device Vulnerability Management & Configuration Compliance Engineer

Job title - Mobile Device Vulnerability Management & Configuration Compliance EngineerWork location - Springfield, Boston or New York/ NJ OnsiteContract duration - 12 monthsW2 PositionMinimum years of experience needed in the required skills- 5 years of experienceMinimum over all work experience required - 5 yearsDomain - Cyber Security: Application SecurityJD:The Mobile Device Vulnerability Management & Configuration Compliance Engineer will partnerwith internal stakeholders to design, validate, and operationalize an automated mobile devicevulnerability scanning and configuration compliance capability across enterprise-issued mobileendpoints (iOS/iPadOS and Android). This role leads proof-of-technology (PoT) activities includingtool evaluation, architecture validation, security controls mapping, and pilot execution, and drivesfull-scale implementation through integration with other security tools such as MDM, SIEM/SOAR,ITSM, and asset inventory/CMDB systems.The engineer will establish and maintain mobile vulnerability management processes aligned tocorporate and regulatory requirements, develop continuous compliance and policy enforcementstrategies, implement risk-based remediation workflows, and deliver measurable improvements inmobile endpoint security posture.Key Responsibilities• Define PoT scope, success criteria, and test plans for automated mobile vulnerabilityscanning (e.g., agent-based/agentless, MDM-integrated, API-driven).• Evaluate candidate tools for: coverage (OS/app/cert/profile), detection accuracy,scalability, device impact, privacy controls, and reporting fidelity.• Execute pilots across representative device populations validating:o vulnerability detection capabilities (OS versions, CVEs, patch levels, risky apps)o configuration compliance checks (encryption, jailbreak/root, screen lock, OShardening)o integration readiness (Intune/Workspace ONE/Jamf; SIEM; ITSM; CMDB)• Produce PoT outcomes: findings, risk analysis, cost/benefit, architecture decision record,and go/no-go recommendation.• Coordinate with InfoSec and Compliance teams to ensure SaaS platform posture aligns withregulatory requirements (NYDFS).• Build and run mobile vulnerability lifecycle processes: discovery, assessment, prioritization,remediation, validation, reporting.• Establish severity/risk scoring tuned for mobile (exposure, device role, app risk, complianceimpact).• Coordinate remediation with endpoint engineering, mobility admins, app owners, andoperations teams.• Validate remediation effectiveness using scanner re-runs, policy compliance, and auditevidence.• Develop, deploy, and continuously improve baseline security configurations for iOS/iPadOSand Android.• Translate requirements into enforceable policies (password/biometrics, encryption, OSupdate controls, app controls, certificate/profile constraints, VPN/Wi-Fi security, loggingsettings).

Apply Now