Contribute to the design, implementation, and operation of vulnerability management capabilities
Build and enhance automation and workflows that ingest, normalize, and prioritize vulnerability signals
Develop and improve engineer-facing dashboards and integrations
Work with product and engineering teams to assess vulnerability findings
Help embed vulnerability signals into existing engineering workflows (CI/CD, PRs, backlogs)
Support validation of remediation efforts to ensure exposure is meaningfully reduced
Assist in translating compliance and control requirements into scalable technical implementations
Support FedRAMP and other assessments by validating technical evidence
Execute technical projects that improve visibility, prioritization, and risk reduction
Contribute to improving processes, tooling, and automation within the vulnerability management program

Solid technical experience in vulnerability management and application security
Demonstrated ability to build or automate technical workflows using scripting or programming languages such as Python or Go
Experience working with application, cloud, or container security in AWS and/or Azure environments
Working knowledge of security controls and compliance frameworks (e.g., NIST, CIS, FedRAMP)
Ability to reason about exploitability, exposure, and impact beyond severity scores
Experience collaborating with engineering teams to support remediation efforts
Clear communication skills and ability to explain technical risk to varied audiences
Ability to operate effectively in fast-paced environments with evolving priorities
Foundational understanding of how vulnerability management fits within broader security and engineering functions
Experience with commercial security tooling (e.g., SAST, SCA, cloud security platforms)

Vulnerability & Exposure Management Engineer

Key skills