Lead Vulnerability Management Engineer

As a Lead Vulnerability Management Engineer, you will be responsible for leading enterprise-wide initiatives to reduce cybersecurity risk associated with system and application vulnerabilities. You will play a key role in governing, scaling, and maturing Alteryx’s vulnerability management program while partnering closely with Engineering, IT, and Security teams to drive risk-based remediation across cloud, container, and on-prem environments.

This role combines deep technical expertise with program leadership, threat analysis, and cross-functional influence.

• Lead and oversee the full vulnerability management lifecycle, including identification, triage, prioritisation, remediation tracking, and verification.

• Own and continuously mature the enterprise vulnerability management program, ensuring alignment with organisational risk tolerance and security strategy.

• Install, configure, operate, and administer enterprise vulnerability scanning and assessment tools.

• Ensure scheduled vulnerability scans are executed successfully and provide 100% coverage of intended assets.

• Configure, optimize, and validate vulnerability scans across new and existing operating systems, platforms, and environments.

• Leverage threat intelligence and vulnerability data to assess risk, prioritise findings, and respond to emerging adversary techniques.

• Partner with Engineering, Infrastructure, and Platform teams to ensure effective vulnerability monitoring across cloud and containerised environments.

• Perform in-depth security and technical analysis of architectures, design decisions, and emerging threats.

• Research cybersecurity incidents and co-lead vulnerability-related investigations and response activities.

• Develop clear remediation strategies and communicate risk effectively to technical and non-technical stakeholders.

• Drive process improvements and develop documentation, including policies, standards, and operating procedures.

• Provide technical guidance and mentorship within the vulnerability management and broader security team.

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

• 9+ years of experience in Information Security or IT roles, with demonstrated expertise in one or more of the following areas:

  • Vulnerability Management

  • Penetration Testing or Offensive Security

  • Incident Response

  • Red Teaming or Security Consulting

• Extensive experience with enterprise vulnerability management platforms such as Tenable.io, Rapid7, Qualys, or equivalent.

• Hands-on experience with Cloud Security Posture Management (CSPM) tools such as Wiz, Orca, Prisma Cloud, or similar.

• Proven track record of leading vulnerability remediation programs in complex, enterprise environments.

• Strong critical thinking, risk-based decision-making, and problem-solving skills.

• Ability to communicate complex security risks clearly to executive, technical, and non-technical stakeholders.

• Industry-recognized security certifications such as CISSP or equivalent.

• Strong knowledge of major cloud platforms including AWS, Azure, or GCP.

• Experience integrating security requirements into CI/CD pipelines and the Software Development Lifecycle (SDLC).

• Background in Application Security, Cloud Security, or Security Operations, including associated security tooling.