Rapid7 Vulnerability Management Lead

Hello, Position: Rapid7 Vulnerability Management Lead Location: Remote Role Summary The Rapid7 Vulnerability Management Lead will serve as a critical enabler within the BDSC (Boeing Digital Security Center) organization, driving enterprise-wide vulnerability management operations using the Rapid7 Insight-VM platform. This role is the central coordination hub between Boeing's SOX compliance team and infrastructure operations, ensuring vulnerabilities are identified, prioritized, tracked, and remediated in alignment with Boeing's security standards, regulatory requirements, and organizational risk appetite. The ideal candidate is a hands-on, detail-oriented security professional who combines deep Rapid7 platform expertise with strong cross-team collaboration skills and the ability to translate vulnerability data into clear, actionable risk insights for both technical teams and leadership. Key Responsibilities Monitor Rapid7 dashboards and reports to identify critical and high-severity vulnerabilities. Track vulnerability remediation progress and follow up with infrastructure teams (Windows, Linux, Network, Endpoint). Coordinate remediation activities and escalate blockers when required. Create and track Corrective Action Plans (CAPs) for vulnerabilities that require formal risk tracking. Perform vulnerability trend analysis and track aging vulnerabilities. Prepare weekly vulnerability status reports and dashboards for leadership review. Work with Rapid7 tool owners to review scan configurations and improve coverage. Ensure vulnerability management activities align with Boeing security standards. Log in to and manage daily operations within the Rapid7 platform (Insight-VM) including dashboards, reports, and asset views. Monitor Rapid7 dashboards to identify and prioritize critical and high-severity vulnerabilities. Customize and maintain Rapid7 dashboards and reporting views to improve visibility for security and leadership teams. Support scan configuration review, fine-tuning, and coverage validation to ensure accurate vulnerability detection. Perform vulnerability trend analysis, aging analysis, and risk prioritization based on severity and exposure. Support asset inventory alignment and cleanup within Rapid7 to ensure accurate scan coverage. Identify stale, inactive, or duplicate devices in Rapid7 and coordinate with the tool owner and infrastructure teams for cleanup and asset alignment. Collaborate with the Rapid7 tool owner and security teams to improve scan coverage, reporting visibility, and vulnerability tracking effectiveness. Vulnerability Exception Handling & False Positive Validation Remediation Projects & Workflow Management in Rapid7 Ensure appropriate asset onboarding and scan coverage across infrastructure environments. Required Skills Skill Proficiency Rapid7 Insight-VM / Vulnerability Management Platform Expert Rapid7 Dashboard & Report Creation Expert Vulnerability Lifecycle Management Expert Remediation Coordination & CAP Management Strong Vulnerability Trend & Aging Analysis Strong Scan Configuration & Coverage Validation Proficient Asset Inventory Management in Rapid7 Proficient Security Reporting Strong Risk Score Interpretation & CVSS Analysis Strong Infrastructure Knowledge Proficient Rapid7 Query Builder & Data Filtering Proficient Dynamic Asset Groups & Tagging Management Strong Core Competency Requirements Strong hands-on experience with Rapid7 Insight-VM / Rapid7 Vulnerability Management platform Demonstrated experience in vulnerability analysis, remediation coordination, and security reporting Solid knowledge of CVSS scoring, vulnerability lifecycle, and industry-standard remediation practices Proven experience creating and maintaining Rapid7 dashboards, reports, and analytics views Ability to coordinate and collaborate with multiple infrastructure, security, and compliance teams Experience creating and managing Corrective Action Plans (CAPs) and formal risk tracking documentation Familiarity with Boeing security standards or equivalent enterprise-level security governance frameworks Preferred / Nice-to-Have Skills Experience working within SOX-aligned or compliance-driven security environments Experience with ticketing platforms for vulnerability tracking (ServiceNow, Jira, Remedy)