Vulnerability Management Analyst
Alignerr · Madrid, Community of Madrid, Spain
- Hybrid
- Contract
- $60,000 / year
- Madrid, Community of Madrid, Spain
Job highlights
- Analyze vulnerabilities and CVE data for AI training.
- Classify severity and recommend remediation strategies.
- Evaluate AI's cybersecurity risk reasoning.
- Generate and label realistic security scenarios.
- Impact AI's real-world risk handling.
About the role
Vulnerability Management Analyst (AI Training)
We're partnering with the world's leading AI research labs to build smarter, more security-aware AI systems — and we need practitioners who know how vulnerability management actually works in the real world.
This isn't a theoretical exercise. You'll work with realistic CVE data, exposure scenarios, and remediation workflows to help evaluate and improve how AI reasons about cybersecurity risk. Your field experience is exactly what's needed to make AI systems more accurate, trustworthy, and useful for security teams everywhere.
About The Role
- Organization: Alignerr
- Type: Hourly Contract
- Location: Remote
- Commitment: 10–40 hours/week
What You'll Do
- Analyze vulnerability reports, CVEs, and exposure scenarios across infrastructure and applications
- Classify severity, impact, exploitability, and recommend remediation strategies
- Review and evaluate AI-generated reasoning on patching, mitigation, and risk prioritization decisions
- Generate, label, and validate realistic security scenarios used to train and benchmark AI models
- Apply your practical knowledge to help AI distinguish between theoretical risk and what actually matters in production
Who You Are
- 2+ years of experience in vulnerability management, security operations, or infrastructure security
- Solid working knowledge of CVEs, vulnerability scanners, patching workflows, and risk prioritization frameworks
- You understand the real-world tradeoffs between textbook severity scores and operational risk
- Analytical and structured thinker who can clearly articulate security reasoning
- Comfortable working independently in a remote, async environment
Nice to Have
- Experience with tools like Tenable, Qualys, Rapid7, or similar platforms
- Familiarity with frameworks such as CVSS, EPSS, or MITRE ATT&CK
- Background in cloud security, patch management, or SecOps
- Prior experience with AI evaluation or data labeling workflows
Why Join Us
- Work directly on frontier AI systems alongside top research labs
- Fully remote and flexible — work on your schedule, on your terms
- Freelance autonomy with access to meaningful, intellectually stimulating work
- Your security expertise has a direct, measurable impact on how AI handles real-world risk
- Potential for ongoing work and contract extension as projects grow
Key skills/competency
- Vulnerability Management
- CVE Analysis
- Risk Prioritization
- AI Training
- Security Operations
- Infrastructure Security
- Remediation Strategies
- Cybersecurity Risk
- Patch Management
- AI Evaluation
Skills & topics
- Vulnerability Management
- CVE
- Cybersecurity
- AI Training
- Risk Assessment
- Security Operations
- Remote Work
- Contract
- Data Labeling
- Infrastructure Security
How to get hired
- Tailor your resume: Highlight vulnerability management, CVE knowledge, and AI experience.
- Showcase practical skills: Emphasize real-world security operations and risk assessment.
- Address remote work: Demonstrate independence and async communication abilities.
- Prepare for technical questions: Be ready to discuss risk prioritization and remediation.
- Understand the AI aspect: Explain how your expertise improves AI security reasoning.
Technical preparation
Master CVE analysis and severity classification.,Practice risk prioritization frameworks.,Understand vulnerability scanning tools.,Familiarize with patching workflows.
Behavioral questions
Explain real-world risk vs. textbook scores.,Describe your analytical and structured thinking.,How do you work independently remotely?,Articulate security reasoning clearly.
Frequently asked questions
- What is the primary focus of the Vulnerability Management Analyst role at Alignerr?
- The primary focus is to leverage your real-world vulnerability management expertise to help train and improve AI systems that reason about cybersecurity risk, using realistic data and scenarios.
- Is this a remote position, and what are the work hours like for the Vulnerability Management Analyst role?
- Yes, this is a fully remote position. The commitment is flexible, ranging from 10 to 40 hours per week, allowing you to work on your schedule.
- What kind of experience is essential for the Vulnerability Management Analyst position?
- Essential experience includes at least 2 years in vulnerability management, security operations, or infrastructure security, with a solid understanding of CVEs, scanners, and risk prioritization.
- What are the 'nice to have' qualifications for the Vulnerability Management Analyst at Alignerr?
- Nice-to-have qualifications include experience with specific vulnerability management tools (Tenable, Qualys), familiarity with frameworks like CVSS or MITRE ATT&CK, cloud security background, or prior AI evaluation/data labeling experience.
- How does this role differ from a traditional Vulnerability Management Analyst position?
- This role differs by focusing on using your practical vulnerability management experience to train and evaluate AI models, rather than solely on direct remediation within an organization.
- What is the expected impact of a Vulnerability Management Analyst at Alignerr?
- Your impact will be direct and measurable, influencing how AI systems understand and handle real-world cybersecurity risks, making them more accurate and trustworthy for security teams.
- Will I be working with AI models directly or providing data for them?
- You will be working with realistic CVE data, exposure scenarios, and AI-generated reasoning to evaluate and label data used for training and benchmarking AI models.
- What kind of AI research labs is Alignerr partnering with for this role?
- Alignerr partners with the world's leading AI research labs to develop security-aware AI systems.