Cybersecurity Vulnerability Management Analyst
Vulnerability Management Analyst with a passion for cybersecurity. This
role ensures the continuous discovery, accurate assessment, risk-based
prioritization, and successful remediation of vulnerabilities and
misconfigurations across all IT assets, directly reducing the organization's
exposure and maintaining regulatory compliance.
business acumen, and a proven track record of working in security
programs in complex environments. The ideal candidate will be part of the
team securing SailPoint’s production environments from misconfigurations
and software vulnerabilities, cross-functional collaboration, and ensuring
that products meet the highest standards of security, availability, and trust.
threat and vulnerability management team of both emerging and
established talent. This potential team member will be comfortable with the
4 I’s at SailPoint (individual, Impact, Innovation, and Integrity) even if
they’re new to the concept. They will embrace new challenges, and by being
their authentic self they will be a positive contributor to an already positive
work culture and environment.
to work with a variety of stakeholders, including our fantastic colleagues in
IT, DevOps, Product engineering, Security engineering, and Compliance.
This role reports directly to the Head of Vulnerability Management and will
be remote. Candidae must go to Pune office once a quarter.
3-5 years experience, preferably in vulnerability management.
Strong engineering experience with cloud, containers, open-source
code, deployment and misconfigurations.
Intermediate experience with scripting languages (e.g., Python,
PowerShell) for automating data ingestion, reporting, or integrating
VM data into other security tools (SIEM/SOAR).
Experience with regulatory frameworks (e.g., NIST, ISO 27001, SOC,
GDPR) and providing evidence for compliance and audit needs.
reduce false positives from true events.
Process Improvement: Drive continuous improvement in the efficiency
of vulnerability remediation through automation, ticketing system
integration (e.g., Jira), and process streamlining.
Influence & Collaboration – Demonstrable experience building strong
partnerships in a matrixed organization.
Technical – Intermediate understanding of product security issues
(like XXE, SSRF, Injections, etc.), modern software development (fully
automated CI/CD, REST, OAuth2) including multi-cloud (AWS, Azure,
GCP, Containers, Kubernetes) architectures, particularly Amazon Web
Services, Kubernetes, and Docker.
Risk-Based Decision Making – Experience making informed decisions
through balancing business priorities, technical constraints, and risk
exposure.
Certifications like CISSP, CISA, CySA+, AWS Certs, or CCNSE, or
other relevant certifications are preferred.
If the candidate does not have the AWS Certified Cloud Practitioner or
AWS Certified Cloud Security – Specialty, they must take these
certifications within first year of employment.
Collaborating in the enterprise-wide product security and resilience
strategy, aligning with business goals and regulatory requirements.
Partnering with Dev/Ops, engineering, product management, and
infrastructure teams to integrate vulnerability management practices
into production environments.
Identifying risk in a production environment comprised of a
sophisticated SaaS architecture consisting of dozens of microservices
Maintain knowledge of the threat landscape for prioritization of
vulnerabilities, attack techniques, tool/exploit development, cyber
threat intelligence analysis and adversarial tactics.
Explaining risks, identifing dependencies, and facilitating the
remediation process by providing necessary details and context.
Enforce a prioritization framework that utilizes risk context beyond
standard CVSS scores, factoring in asset criticality, exposure to the
public internet, and internal threat intelligence (e.g., active
exploitation in the wild).
Drive the adoption of security automation, vulnerability management
with product teams.
Providing program performance reporting and metrics per business
unit and product.
Learn the landscape, processes and technologies.
Complete all tooling platform specific training assigned.
Take ownership of vulnerability analysis and reporting for a
designated environment
Establish communication and follow-up cadence with the remediation
teams
Identify and document an opportunity to improve the efficiency of the
current process
Manage full lifecycle for all production environment
Collaborate with respective teams to address specific, frequent
occurring vulnerability, insecure coding, etc
Have deep understanding of all core technologies, environments and
our cloud architecture.
Contribute to the team internal knowledgebase on lessons learned
SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.
Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact [email protected] or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.
Top Skills
What We Do
At SailPoint, we believe enterprise security must start with identity at the foundation. Today’s enterprise runs on a diverse workforce of not just human but also digital identities—and securing them all is critical. Through the lens of identity, SailPoint empowers organizations to seamlessly manage and secure access to applications and data at speed and scale. Our unified, intelligent, and extensible platform delivers identity-first security, helping enterprises defend against dynamic threats while driving productivity and transformation. Trusted by many of the world’s most complex organizations, SailPoint secures the modern enterprise.
Why Work With Us
Together, we’re redefining identity’s place in the security ecosystem. We love taking on new challenges that seem daunting to others. We hold ourselves to the highest standards and deliver upon our promises to our customers. We bring out the best in each other, and we’re having a lot of fun doing it.
Gallery
SailPoint Teams
SailPoint Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
