Cybersecurity Vulnerability Management Analyst
Integrity) even if they’re new to the concept. They will embrace new challenges, and by being their authentic self they will be a positive contributor to an already positive work culture and environment.
- 3-5 years experience, preferably in vulnerability management.
- Strong engineering experience with cloud, containers, open-source code, deployment and misconfigurations.
- Intermediate experience with scripting languages (e.g., Python, PowerShell) for automating data ingestion, reporting, or integrating VM data into other security tools (SIEM/SOAR).
- Experience with regulatory frameworks (e.g., NIST, ISO 27001, SOC, GDPR) and providing evidence for compliance and audit needs.
- Experience tracking trends and configure systems as required to reduce false positives from true events.
- Process Improvement: Drive continuous improvement in the efficiency of vulnerability remediation through automation, ticketing system integration (e.g., Jira), and process streamlining.
- Influence & Collaboration – Demonstrable experience building strong partnerships in a matrixed organization.
- Technical – Intermediate understanding of product security issues (like XXE, SSRF, Injections, etc.), modern software development (fully automated CI/CD, REST, OAuth2) including multi-cloud (AWS, Azure, GCP, Containers, Kubernetes) architectures, particularly Amazon Web Services, Kubernetes, and Docker.
- Risk-Based Decision Making – Experience making informed decisions through balancing business priorities, technical constraints, and risk exposure.
- Certifications like CISSP, CISA, CySA+, AWS Certs, or CCNSE, or other relevant certifications are preferred.
- If the candidate does not have the AWS Certified Cloud Practitioner or AWS Certified Cloud Security – Specialty, they must take these certifications within first year of employment.
- Collaborating in the enterprise-wide product security and resilience strategy, aligning with business goals and regulatory requirements.
- Partnering with Dev/Ops, engineering, product management, and infrastructure teams to integrate vulnerability management practices into production environments.
- Identifying risk in a production environment comprised of a sophisticated SaaS architecture consisting of dozens of microservices
- Maintain knowledge of the threat landscape for prioritization of vulnerabilities, attack techniques, tool/exploit development, cyber threat intelligence analysis and adversarial tactics.
- Explaining risks, identifing dependencies, and facilitating the remediation process by providing necessary details and context.
- Enforce a prioritization framework that utilizes risk context beyond standard CVSS scores, factoring in asset criticality, exposure to the public internet, and internal threat intelligence (e.g., active exploitation in the wild).
- Drive the adoption of security automation, vulnerability management with product teams.
- Providing program performance reporting and metrics per business unit and product.
Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.
As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint’s differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD):
$76,400 - $109,200 - $142,000Base salaries for employees based in other locations are competitive for the employee’s home location.
Benefits Overview
1. Health and wellness coverage: Medical, dental, and vision insurance
2. Disability coverage: Short-term and long-term disability
3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children
5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account
6. Financial security: 401(k) Savings and Investment Plan with company matching
7. Time off benefits: Flexible vacation policy
8. Holidays: 8 paid holidays annually
9. Sick leave
10. Parental support: Paid parental leave
11. Employee Assistance Program (EAP) and Care Counselors
12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
13. Health Savings Account (HSA) with employer contribution
SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.
Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact [email protected] or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.
