
Vulnerability, Threat and Exposure Management Engineer (68133BR)

Harvard University
Cambridge, MA Full Time
POSTED ON 3/27/2025
AVAILABLE BEFORE 4/25/2025
Position Description

Harvard University Information Technology (HUIT) is a community of Information Technology professionals committed to delivering service and technological solutions in support of teaching, learning, research and administration. We are recruiting an IT workforce that has both breadth in their ability to collaborate and innovate across disciplines – and depth in specific areas of expertise. HUIT offers opportunities for IT professionals to learn and work in a unique technology landscape and service-focused environment. If you are a technically proficient, nimble, user-focused, and accountable IT professional who also connects with the importance of collaborating well in a team environment, we are looking for you!

This is a fully benefitted, full-time Harvard University position that has been funded through December 31, 2026. There is the possibility of renewal, contingent on funding and department & university priorities.

Harvard’s Information Security and Data Privacy (ISDP) team is a prominent office with university-wide purview and an important purpose: to safeguard the systems and data that propel Harvard’s noble mission and to bolster the university’s trustworthiness as a steward of personal information. We’re passionate about privacy and security, and our work is meaningful, impactful, and deeply rewarding.

In ISDP, team health comes first. We cultivate a culture of openness, positivity, growth, and trust. We even have a Chief Fun Officer role to arrange our team activities! Ours is a collegial environment where we support one another and where we encourage taking risks in the name of progress.

Lead comprehensive collaboration, design, development, and implementation of enterprise-wide vulnerability and threat exposure management strategies. Oversee the creation and execution of robust security architectures, solutions, and policies to proactively identify, assess, and mitigate cyber threats across the organization's attack surface.

Want to be part of something new? At Harvard, we’re taking the novel approach of fully integrating data privacy and information security into a single program that we’re calling “PrivSec.” By combining the two, these complementary pursuits can act in concert and on equal footing, where the whole is greater than the sum of its parts. Our PrivSec journey is just beginning, with strong potential for creating a new standard to be emulated elsewhere.

Typical Core Duties:


  • Serve as a vulnerability management and exposure management expert, guiding project teams in compliance with enterprise IT security policies, regulations, and recommending strategic solutions for continuous security posture improvement.
  • Implement and oversee vulnerability scanning, threat intelligence integration, and risk prioritization processes to enhance the organization's security stance.
  • Research, design, and advocate for new technologies, architectures, and procedures that support proactive threat exposure management and align with Harvard's mission.
  • Ensure accurate and timely vulnerability metrics and reporting; prepare specialized threat exposure analyses and ad hoc reports.
  • Act as a trusted advisor to clients/staff on matters of vulnerability management and continuous threat exposure.
  • Abide by and follow the Harvard University IT Code of Conduct.

Basic Qualifications


  • Minimum of seven years’ post-secondary education or relevant work experience

Additional Qualifications And Skills

The following Additional Qualifications are strongly preferred. If you meet some, but not all, you are still encouraged to apply; we value employees with a willingness to learn:


  • Proficiency in vulnerability scanning tools, threat intelligence platforms, and risk assessment methodologies.
  • In-depth knowledge of CVSS scoring systems and ability to prioritize vulnerabilities based on organizational risk.
  • Strong understanding of attack surface management and continuous monitoring techniques.
  • Demonstrated experience with vulnerability management systems and data query tools.
  • Familiarity with diverse areas of potential exposure, including but not limited to: application source code security, operational technology (OT) environments, container security, and cloud security posture management (CSPM). While comprehensive expertise across all domains is rare, a strong understanding of at least two areas and willingness to learn and adapt to others is highly desirable.

Certificates and Licenses


  • Completion of Harvard IT Academy Information Security Foundations course (or external equivalent) preferred
  • IT Security Certifications required; e.g., CISSP, CISA/CISM, CEH, or GIAC certifications
  • Additional certifications in vulnerability management or threat intelligence preferred

Working Conditions


  • Work is performed in an office setting

Additional Information

Please provide a cover letter with your application.

Please note:


  • Harvard University requires pre-employment reference and background screening. 
  • We are unable to provide work authorization and/or visa sponsorship. 
  • This position has a 180-day orientation and review period.

Accessibility:

Harvard University welcomes individuals with disabilities to apply for positions and participate in its programs and activities. If you would like to request an accommodation or have questions about the physical access provided, please contact our University Disability Resources Department.

Work Format Details

This position is Hybrid (partially onsite/partially remote) with the possibility of fully remote.


  • Fully remote is for work locations over 150 miles from campus and within an approved Harvard registered payroll state. All remote work must be completed in a registered state, which includes Massachusetts, Connecticut, Maine, New Hampshire, Rhode Island, Vermont, Georgia, Illinois, Maryland, New Jersey, New York, Virginia, Washington, and California (CA for exempt positions only). Certain visa types and funding sources may limit work location. Individuals must meet work location sponsorship requirements prior to employment.

Travel to campus may be necessary based on business needs and the nature of work and needs to be in accordance with HUIT policy. Examples include bi-annual or quarterly Town Halls, critical business meetings, and other work events.

About Us

More About HUIT:

Our Mission:
huit.harvard.edu/about

We empower the Harvard community with essential and transformative technologies to advance education, knowledge, and discovery.

HUIT’s core values are:


  • Human-centered
  • University-focused
  • Innovation-driven
  • Team-oriented

IT Academy (designed for IT Staff):

HUIT’s IT Academy aims to enable each IT staff person to grow professionally and become a trusted partner to her or his team. The IT Academy is built on the belief that every IT staff member across the University (including technology employees at each school and campus) can grow in her or his area of expertise as well as building strong people and project management skills. Learn more here: https://itacademy.harvard.edu/

Benefits

We invite you to visit Harvard's Total Rewards website ( https://hr.harvard.edu/totalrewards ) to learn more about our outstanding benefits package, which may include:


  • Paid Time Off: 3-4 weeks of accrued vacation time per year (3 weeks for support staff and 4 weeks for administrative/professional staff), 12 accrued sick days per year, 12.5 holidays plus a Winter Recess in December/January, 3 personal days per year (prorated based on date of hire), and up to 12 weeks of paid leave for new parents who are primary care givers.
  • Health and Welfare: Comprehensive medical, dental, and vision benefits, disability and life insurance programs, along with voluntary benefits. Most coverage begins as of your start date.
  • Work/Life and Wellness: Child and elder/adult care resources including on campus childcare centers, Employee Assistance Program, and wellness programs related to stress management, nutrition, meditation, and more.
  • Retirement: University-funded retirement plan with contributions from 5% to 15% of eligible compensation, based on age and earnings with full vesting after 3 years of service.
  • Tuition Assistance Program: Competitive program including $40 per class at the Harvard Extension School and reduced tuition through other participating Harvard graduate schools.
  • Tuition Reimbursement: Program that provides 75% to 90% reimbursement up to $5,250 per calendar year for eligible courses taken at other accredited institutions.
  • Professional Development: Programs and classes at little or no cost, including through the Harvard Center for Workplace Development and LinkedIn Learning.
  • Commuting and Transportation: Various commuter options handled through the Parking Office, including discounted parking, half-priced public transportation passes and pre-tax transit passes, biking benefits, and more.
  • Harvard Facilities Access, Discounts and Perks: Access to Harvard athletic and fitness facilities, libraries, campus events, credit union, and more, as well as discounts to various types of services (legal, financial, etc.) and cultural and leisure activities throughout metro-Boston.

Job Function

Information Technology

Department Office Location

USA - MA - Cambridge

Job Code

I0459P IT Info Security Professnl V

Work Format

Hybrid (partially on-site, partially remote)

Sub-Unit

Salary Grade

059

Department

ISDP

Union

00 - Non Union, Exempt or Temporary

Time Status

Full-time

Pre-Employment Screening

Identity

Commitment to Equity, Inclusion, and Belonging

Harvard University views equity, inclusion, and belonging as the pathway to achieving inclusive excellence and fostering a campus culture where everyone can thrive. We strive to create a community that draws upon the widest possible pool of talent to unify this excellence while fully embracing individuals from varied backgrounds, cultures, races, identities, life experiences, perspectives, beliefs, and values.

EEO Statement

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, gender identity, sexual orientation, pregnancy and pregnancy-related conditions, or any other characteristic protected by law.
