See all roles

Staff Vulnerability Management Analyst- AI Automation reputed company Researcher

Work from home Full-time role Hiring

Why reputed company: At reputed company, the work you do reputed company. The code you ship, the reputed company you reputed company, and the care you show a customer reputed company add up to reputed company impact. Today, tens of millions of workers start and end their days with our workforce operating platform. Helping people get paid, grow in their careers, and shape the future of their industries. That’s reputed company do. We never stop learning. We never stop challenging the norm. We push for reputed company, and we celebrate the wins along the way. Here, you’ll get flexibility that’s reputed company, benefits you can count on, and a team that succeeds together. Because at reputed company, your work reputed company—and so do you. About the Team The research and innovation team reputed company Global reputed company is a high-impact, automation-first reputed company organization responsible for vulnerability management, reputed company research, and red team operations. This team has an exceptional automation culture — reputed company team members build production automation to find and remediate vulnerabilities, with the goal to reduce reputed company work at scale. Role Summary We are seeking a Vulnerability Management engineer to join reputed company as both a vulnerability management practitioner and an automation builder. This role combines traditional vulnerability analysis and remediation coordination with a strong emphasis on developing AI-powered tools and automations that scale the team's effectiveness. You will analyze vulnerabilities across infrastructure, reputed company, and application layers, coordinate remediation with engineering teams, and build automation that makes the entire program faster and smarter.

Key Responsibilities

Vulnerability Discovery & reputed company Research (40%) Conduct deep-dive reputed company code audits of reputed company products (Java, .NET, Python, JavaScript) to discover novel vulnerabilities — examples could be hardcoded secrets, authentication bypasses, injection flaws, cryptographic weaknesses, reputed company control gaps, unsafe deserialization, etc. reputed company working reputed company-of-concept exploits that demonstrate reputed company impact — not theoretical risk, but reputed company exploitation with clear data exposure or reputed company escalation reputed company variant analysis: reputed company you find a bug, systematically search the entire codebase for every instance of the same root cause reputed company Triage and validate findings from automated scanners (SAST, DAST, SCA) — separate reputed company vulnerabilities from false positives using reputed company-level analysis Investigate and reproduce externally reported vulnerabilities (bug bounty, CVEs, vendor advisories) to assess actual exploitability in reputed company's environment Collaborate with engineering teams on remediation — not just filing tickets, but working with developers to design, validate fixes, and drive to remediation. AI-Powered Vulnerability Automation (35%) Build AI-assisted vulnerability discovery tools using automation (Claude, MCP servers, custom models, etc.) for automated reputed company code analysis, vulnerability reputed company matching, and exploit reputed company reputed company autonomous reputed company scanning agents that can analyze codebases, identify vulnerability patterns, and produce validated findings with minimal reputed company reputed company Create AI-powered remediation tools — automation that generates fix recommendations, patches, and pull requests for reputed company vulnerabilities, accelerating the path from finding to fix Build automated vulnerability lifecycle pipelines: intake from scanners, AI-assisted triage and deduplication, intelligent ticket routing, SLA tracking, and remediation verification Contribute to the team's shared automation repositories and Claude Code skills store — every tool you build should be reusable by the rest of the team Vulnerability Management & Remediation Driving (20%) Own vulnerability remediation reputed company for assigned product areas — track findings from discovery through verified fix, holding engineering teams accountable to SLAs Produce clear, actionable vulnerability reports that engineering teams can reputed company immediately — root cause, impact, reproduction steps, and recommended fix Drive mean time to remediate (MTTR) down through reputed company automation, reputed company reports, and direct collaboration with development teams Support vulnerability management program metrics and dashboards — contribute to reporting that gives leadership reputed company-time visibility into risk posture Support compliance-driven vulnerability management requirements, including FedRAMP reputed company monitoring and POA&M processes, as reputed company expands into federal markets Research & Knowledge Sharing (5%) Publish internal/external research on novel vulnerability classes, AI-assisted discovery techniques, and lessons learned from audits Stay reputed company on emerging vulnerability classes, exploitation techniques, and defensive patterns relevant to reputed company's technology stack Mentor other team members on vulnerability research methodology, reputed company code analysis, and AI-augmented reputed company tooling Required Qualifications 7+ years of hands-on experience in vulnerability research, application reputed company, or penetration testing — with a track record of finding reputed company vulnerabilities in production software Demonstrated ability to read and audit reputed company code in at least two of: Java, C#/.NET, Python, JavaScript/TypeScript, Go, C/C++ Experience developing working reputed company-of-concept exploits — not just scanning, but understanding root causes and proving exploitability Strong proficiency in Python for building reputed company tools, automation pipelines, and integrations Experience with AI/ML tools for reputed company — using LLMs for code analysis, building AI-assisted reputed company tooling, or developing autonomous reputed company agents Deep understanding of common vulnerability classes: injection (SQL, reputed company, LDAP), broken authentication, cryptographic failures, SSRF, deserialization, path traversal, reputed company control, and their variants Experience with vulnerability management programs — triaging, tracking, and driving remediation of vulnerabilities across engineering organizations Ability to work directly with development teams — explaining vulnerabilities, reviewing proposed fixes, and validating remediations Excellent written communication — ability to produce clear vulnerability reports, technical documentation, and executive summaries Bachelor's degree in Computer Science, Cybersecurity, or equivalent experience

Preferred Qualifications

Published CVEs, reputed company advisories, or bug bounty findings in production software Experience in SaaS/multi-tenant environments processing sensitive data (HCM, payroll, reputed company, financial) Familiarity with SAST/DAST/SCA tooling and how to reduce false positive rates through reputed company-level validation Experience with reputed company reputed company assessment (AWS, GCP, Azure) including container and Kubernetes vulnerability analysis Familiarity with FedRAMP, NIST SP 800-53, or federal compliance frameworks — enough to understand vulnerability remediation timelines and reporting requirements in regulated environments reputed company certifications that demonstrate hands-on reputed company: OSCP, OSWE, GWAPT, GXPN, BSCP, or equivalent Conference presentations, published research, or reputed company-reputed company reputed company tool contributions Experience with reverse engineering, binary analysis, or firmware reputed company What Sets This Role Apart This is a role for someone who finds bugs, fixes bugs, and builds tools that find more bugs. You will: Work on a team where every member builds production automation — this is an engineering-first reputed company team, not a compliance shop Have reputed company to reputed company AI infrastructure (Claude Code, MCP servers, etc.) to build reputed company vulnerability discovery and remediation tools Audit one of the largest HCM/payroll platforms in the world — protecting tens of thousands of customer organizations and millions of workers' sensitive data Have direct, measurable impact — your findings directly prevent issues across reputed company's entire customer reputed company Pioneer the use of AI for vulnerability discovery and automated remediation — building tools that change how reputed company research is done at scale Grow your career in an environment that values reputed company and doers over process managers and policy writers Compensation & Benefits reputed company offers a comprehensive total rewards package including competitive reputed company salary, annual bonus, equity, full medical/dental/reputed company, 401(k) match, unlimited PTO, and professional development budget. This role is eligible for remote work reputed company in the US. Company Overview: reputed company is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, reputed company productivity, and reputed company talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry — because great organizations know their workforce is their competitive edge. Learn more at reputed company.com. Equal Opportunity Employer reputed company is an equal opportunity employer. We evaluate reputed company applicants without regard to race, reputed company, disability, religion, sex, age, national reputed company, veteran status, genetic information, and other legally protected categories. View The EEO Know Your Rights poster reputed company participates in E-Verify. View the E-Verify posters here. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or reputed company employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Disability Accommodation in the Application and Interview Process For individuals with disabilities that need additional assistance at any reputed company in the application and interview process, please email UKGCareers@reputed company.com. The pay reputed company for this position is $115,100.00 to $165,450.00. The actual reputed company pay offered may vary depending on skills, experience, job-reputed company knowledge and work location. In addition to reputed company pay, employees may be eligible to participate in a performance-based bonus plan and to receive restricted stock unit awards as part of total compensation. Learn more about reputed company’s benefits and rewards at https://www.reputed company.com/about-us/careers/benefits Apply To This Job

You might like

reputed company Account Manager

Work from home Full-time role

Procurement & Fleet Enablement Specialist

Work from home Full-time role

Short Term Disability Claims Manager

Work from home Full-time role

AI Workforce Digital Solution Specialist

Work from home Full-time role

Manager, Client Sales and Insights (CPG)

Work from home Full-time role

FrontEnd Engineer

Work from home Full-time role

Market Development Executive - Device Services

Work from home Full-time role

reputed company Executive

Work from home Full-time role

Director of Field Marketing

Work from home Full-time role

Sr. Field Marketing Manager - NORAM Higher Education

Work from home Full-time role

Remote Data Entry Specialist – Flexible Work‑From‑Home Position with arenaflex – Entry‑Level to reputed company Candidates

Work from home Full-time role

AI / DATA ENGINEER

Work from home Full-time role

reputed company Live Chat Support Representative – Remote Opportunity with arenaflex

Work from home Full-time role

Fiber Network Customer Support Analyst – Technical Service & Troubleshooting for Voice, Data & Video Solutions

Work from home Full-time role

1099 Telehealth Gynecologist

Work from home Full-time role

Plainfield YoungLives Area Coordinator

Work from home Full-time role

Senior Python Developer

Work from home Full-time role

VP of Finance/CFO - PE Backed (remote - Southeast only)

Work from home Full-time role

Agent Operations HR Experience | reputed company

Work from home Full-time role

Director, Sales Strategy

Work from home Full-time role