Jane Street Group

Cybersecurity Engineer - Vulnerability Management

Jane Street Group · New York, NY
New York, NY Posted 2026-06-17
Type
Full-time

About the Position

We're looking for a Cybersecurity Engineer to help us mature our vulnerability management program. You'll join our Cybersecurity team, a skilled group of programmers and security experts dedicated to keeping the firm safe.

Vulnerability management is the focus of this role, but it doesn't tell the whole story—we want a well-rounded engineer whose knowledge spans the different facets of cybersecurity, because that broader perspective is what lets you reason well about real risk and where to spend effort.

Vulnerability management is a well-established part of how we keep the firm safe, and as we grow, we're continuing to invest in it, with a particular focus on automation and on scaling the program to keep pace with an expanding environment.

This is a hands-on, build-heavy role. We want someone with a strong technical foundation who isn't afraid to build something themselves, who has good judgment about what actually matters, and who can explain the "why" behind a risk and its mitigation. Manual triage doesn't scale at our size, so you'll lean on automation, including AI tooling paired with good judgment, knowing where it helps and when we need a human in the loop.

Your work will also include:

  • Supporting and improving the vulnerability management lifecycle end to end, from discovery and validation through triage, assignment, remediation tracking, and verification
  • Reviewing new findings from automated scanning tools, threat intel, and security advisories, then prioritizing based on real exploitability and exposure rather than severity score alone, so we act on what genuinely matters
  • Validating and deduplicating findings across sources, confirming whether an affected product or component is actually present, and routing work to the team that owns the fix
  • Measuring scanning coverage and data quality and knowing what isn't being scanned, where scans are stale, and where authentication is failing, rather than assuming coverage is complete
  • Driving automation across vulnerability management tooling and processes
  • Broadening scanning coverage across asset classes, including evaluating and migrating scanning platforms as needed
  • Bringing software inventory and SBOM data into the picture so we can answer where a vulnerable component is used across our software, not just what's running on a given host
  • Building dashboards and metrics that measure coverage, SLAs, and progress

About You

  • You automate rather than do things by hand, keep your code and configs in version control by default, work comfortably under code review, and care about leaving things maintainable
  • You’re comfortable working with data, querying and shaping it, and building and debugging the data pipelines and integrations that stitch messy, inconsistent inputs into something dependable
  • You have hands-on vulnerability management experience in a substantial environment, including experience with an automated scanning platform such as Rapid7, Tenable, or Qualys, and an understanding of how scanning, asset inventory, and remediation tracking fit together
  • You’re a measured responder who reasons about trade-offs and context, understands threat modeling, and knows not every finding deserves the same urgency
  • You follow cybersecurity developments and can tell the difference between an interesting hack and what matters day-to-day
  • You understand and practice good personal cybersecurity hygiene, and can talk to others about it
  • You’re a clear communicator across audiences, who writes things down so others can follow
  • You have a positive and collaborative attitude; You understand that a key component of cybersecurity is bringing others along with you on the journey

If you're a recruiting agency and want to partner with us, please reach out to [email protected]

Jane Street Group

Jane Street Group

Quantitative Trading · Private · New York, USA

Stage & Valuation
Private
Open roles on NewJob
Most hiring in
Engineering (44) · Operations (21) · Finance (10)
Jane Street Group is a quantitative trading firm and liquidity provider that uses technology and collaborative problem-solving to trade financial products. They trade a wide range of assets including equities, futures, commodities, options, and bonds across global markets.
Quantitative Trading Financial Services Proprietary Trading Liquidity Provider
O
AML Onboarding Analyst
New York, NY
Operations
E
ASIC Engineer
New York, NY
Engineering
E
ASIC Physical Design Engineer
New York, NY
Engineering
See all 90+ roles at Jane Street Group →
N
Security Engineer II - Cloud & Vulnerability Management
Nasuni Corporation Remote (US) Remote
Engineering
A
Full Stack Software Engineer - Alts & Data Management
Addepar New York, NY
Engineering
$107K–$168K
C
Senior Vulnerability Management Engineer
Celonis New York, NY
Engineering
$161K–$189K
C
Renewal Risk Engineer - Management Liability
Counterpart Remote, Central (United States) Remote
Engineering
$120K–$170K
See all Engineering roles →

Interested in this role?

Apply directly on the company site — no recruiter middleman, no account required.

Apply now →
Apply on company site