Vulnerability Management Analyst III- Eng

Job Overview

Eligibility / Qualification Required:

• Analyze and triage vulnerabilities (code and infrastructure) from multiple scanning platforms across cloud, infrastructure, and application layers
• Coordinate remediation with engineering teams by creating actionable tickets with clear ownership, severity, and SLA expectations
• Track remediation SLAs and escalate breaches to engineering management
• Perform root cause analysis on recurring vulnerability patterns and recommend systemic fixes
• Support third-party vulnerability management programs
• Manage vulnerability exceptions, risk acceptances, and compensating controls documentation

• Build and maintain automation pipelines that streamline vulnerability intake, triage, and routing using Python, APIs, and AI/ML tools
• Develop AI-assisted vulnerability analysis tools using LLMs for automated severity assessment, impact analysis, and remediation guidance
• Create and enhance ticket automation workflows that auto-create, route, and escalate vulnerabilities based on severity, asset ownership, and SLA status
• Build integrations between security scanning platforms and ticketing systems for automated vulnerability lifecycle management
• Leverage Claude Code, MCP servers, and enterprise AI tools to automate repetitive analysis tasks and reporting
• Contribute to the team's shared automation repositories and Claude Code skills store

• Maintain and enhance vulnerability dashboards that provide real-time visibility into vulnerability posture, SLA compliance, and remediation trends
• Generate weekly, monthly, and quarterly vulnerability reports for security leadership and engineering stakeholders
• Track and report on key vulnerability metrics: mean time to remediate (MTTR), SLA compliance rates, vulnerability backlog trends, and risk reduction over time
• Support audit and compliance requirements with vulnerability management evidence

• Assist with vulnerability scanning platform operations (scan scheduling, policy configuration, agent deployment)
• Identify gaps in scanning coverage and recommend new tools or configurations
• Support ServiceNow integration for infrastructure vulnerability tracking
• Participate in incident response when vulnerability exploitation is suspected

• 3+ years of experience in vulnerability management, security operations, or a closely related cybersecurity discipline
• 2+ years working with enterprise vulnerability scanning tools
• Proficiency in AI and scripting for automation — ability to write production-quality code that integrate APIs, process data, and automate workflows
• Experience with Jira or similar ticketing systems for vulnerability tracking and remediation coordination
• Understanding of CVE/CVSS scoring, vulnerability lifecycle management, and SLA-based remediation programs
• Familiarity with cloud security concepts and common cloud vulnerability patterns
• Understanding of network, OS, and application-level vulnerabilities and their remediation approaches
• Strong written communication skills — ability to create clear, actionable vulnerability tickets and reports
• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or equivalent experience

• Hands-on experience with Claude Code coding assistants for security tooling development
• Experience building integrations between security platforms and ticketing/workflow systems
• Experience with SCA (Software Composition Analysis) vulnerability management and open-source risk
• Familiarity with common developer workflows (GitHub, Jira, ServiceNow, etc)
• Experience with external risk rating platforms
• Knowledge of container security, Kubernetes vulnerability management, and cloud-native security tooling
• Experience with dashboard development for vulnerability metrics
• Security certifications: CompTIA Security+, CySA+, CEH, or equivalent
• Experience in SaaS/multi-tenant environments processing sensitive data

• Join a team where automation is a core expectation — all team members build production automation tools
• Have access to enterprise AI infrastructure (Claude Code, LiteLLM, MCP servers) to build AI-powered security tools
• Work alongside experienced automation builders who have created integrations, AI-assisted dashboards, and automated routing systems
• Own projects end-to-end — from identifying a manual process to building and deploying the automation that eliminates it
• Grow your career in an environment that values builders

How to Apply: