SailPoint is seeking a forward-leaning Vulnerability Management Engineer to provide leadership and execution for an industry-leading security program. As a provider of both SaaS and enterprise software for some of the world’s most prestigious organizations, SailPoint strives for best-in-class security. The Vulnerability Management Engineer will identify and lead improvements to vulnerability detection and drive better remediation results through implementing and improving assessment/reporting tooling. They will also constantly learn about and utilize the newest Vulnerability Management tooling and processes for both traditional and non-traditional resources. As a senior-level engineer they will act as a project lead for independent project work as well as an escalation point for vulnerability management analysts on the team.
The ideal candidate will have a high passion for security, innovation, and problem-solving and the ability to work well within a team. The ideal candidate is expected to have a thorough understanding of IT, cloud, and security systems and stay up to date with the latest security standards and best practices. This role will be a vital member of the CISO team and can be remote or based in Austin, TX.
- Implement, operationalize, and/or improve the configuration of SailPoint’s vulnerability assessment tools. Lead the assessment, design, implementation, and maintenance of new scanning technology across the enterprise.
- Provide guidance and collaborate with the Vulnerability Management operations team. Design and implement advanced vulnerability dashboards to meet their requirements.
- Leverage Tenable, Prisma, and other tools to perform vulnerability management scans on a regular cadence.
- Drive automation initiatives across the vulnerability management team and operational activities that are part of maintaining security infrastructure. Identify potential for and implement automation between Tenable, Prisma, Slack, JIRA and other relevant tools.
- Liaise with compliance teams to meet compliance requirements.
- Work with vendor partners to escalate technical issues.
- Conduct continual self-driven learning on the Vulnerability Management space to understand new trends, strategies, and technologies.
- Establish practices, templates, policies, tools and partnerships to expand and mature engineering capabilities.
- Provide after-hours support on a scheduled / non-scheduled basis.
- Stay up to date on current threat landscape and industry best practices.
- Solve complex issues and protect various environments using a risk-based approach.
- Establishes credibility and maintains strong working relationships with groups involved with information security matters.
- Advanced skills in vulnerability assessment tooling such as Tenable, Rapid7, Qualys, Orca, Prisma Cloud, Aqua, Lacework, etc. Experience tuning, improving and devising efficient scanning workflows the scanning stacks.
- A fundamental understanding of vulnerability management reporting products and their usage (such as Kenna Security, Brinqa, ZeroNorth, Nucleus).
- Experience with operationalizing vulnerability assessment tooling in complicated network environments.
- Experience with implementing and maintaining vulnerability management platforms.
- Experience configuring and tuning vulnerability scanning template within various platforms and tools.
- Ability to prioritize impactful vulnerabilities and reduce noise often associated with vulnerability tools.
- Experience developing technical diagrams, topology maps, reports and presentations.
- Knowledge of network based, system level, cloud and application layer attacks and mitigation methods.
- Solid grasp of vulnerability classification and scoring methodologies (CVSS, CVE, CWE). Fundamental understanding of risk vs severity.
- Strong understanding of desktop and server operating systems and software.
- Solid understanding of cloud, network, endpoint, and application security.
- Hands-on experience with Security Services in Azure, AWS or GCP and container technologies including Docker and Kubernetes.
- Ability to evaluate complex business and technical requirements and translates those into meaningful project elements.
- Ability to manage time independently while handling multiple projects concurrently. Ability to work in a fast-paced environment; ability to multi-task, change direction, effectively prioritize, and meet deadlines.
- Team-first attitude and interest in helping assist peers collaboratively on projects or as a subject matter expert on technical escalations.
- Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into stakeholder-friendly language.
- Experience with compliance frameworks such as ISO27001, SOC2, SOX, GDPR.
- Ability to innovate and find creative solutions that balance the needs of the business with the needs of security.
- Ability to work effectively with both local and remote staff, teammates and managers.
- Bachelor’s degree in Computer Science, IT Security, Information Systems, Engineering, or related field and 3-5 years of related work experience.
- Experience in a cloud / on-premises hybrid infrastructure security. Experience operating in a production cloud environment, with expertise in at least one of: server, network, cloud, database; AWS admin and configuration management skills preferred. Knowledge of how to assess the security posture of images.
- Ability to automate and script tasks using your preferred programming language (e.g. GoLang, Python, Ruby, Perl, BASH).
- Preferred certifications: CEH, CISSP, GEVA, GPEN, GWAPT, GXPN, LPT, OSCP, or other relevant certifications.
SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.