
Vulnerability Management Analyst
SailPoint · United States
- Hybrid
- Full-time
- $128,856 / year
- United States
Job highlights
- Protect production environments from vulnerabilities and misconfigurations.
- Manage vulnerability lifecycle across cloud-native infrastructure.
- Partner with IT, DevOps, and Engineering teams.
- Automate security workflows and reporting.
- Develop metrics for compliance and audits.
About the role
About SailPoint
SailPoint is looking for a motivated Vulnerability Management Analyst to join our growing Cybersecurity team. In this role, you will be at the heart of our security operations, responsible for protecting SailPoint's production environments from misconfigurations and software vulnerabilities. You will ensure our products meet the highest standards of security and trust by managing the complete lifecycle of vulnerabilities across our complex, cloud-native infrastructure.
As a key member of our threat and vulnerability management team, you will work closely with cross-functional partners in IT, DevOps, and Engineering to reduce our organizational risk. This is a challenging and impactful role where you can grow your skills and contribute directly to our security posture.
What You'll Do (Core Responsibilities):
- Analyze & Prioritize: Triage and assess vulnerabilities discovered in our cloud infrastructure, containerized environments, enterprise infrastructure, and applications, using a risk-based framework that goes beyond standard CVSS scores.
- Cloud Security: Partner with DevOps and Engineering to identify and remediate vulnerabilities and misconfigurations in our AWS environment.
- Drive Remediation: Act as a key liaison, explaining risks, identifying dependencies, and providing the necessary context to help teams remediate vulnerabilities efficiently.
- Automate & Improve: Contribute to the continuous improvement of our program by helping automate data ingestion, reporting, and ticketing system integrations (e.g., Jira, Slack) using scripting languages like Python or PowerShell.
- Report & Comply: Develop metrics to report on the health of the vulnerability management program and provide evidence to support compliance and audit needs for frameworks like SOC2, ISO 27001, and FedRAMP.
- Threat Intelligence: Maintain knowledge of the current threat landscape, including new attack techniques and actively exploited vulnerabilities, to inform our prioritization strategy.
What You'll Bring (Key Requirements):
- Cloud Infrastructure Experience: Strong, hands-on experience securing cloud environments, particularly AWS. You should have a technical understanding of core services like EC2, and container technologies such as Kubernetes and Docker.
- Vulnerability Management Experience: 2-4 years of experience in vulnerability management, product security, or a similar cybersecurity role.
- Technical Acumen: A solid grasp of common product security issues (e.g., OWASP Top 10, SSRF, Injection flaws) and how they manifest in modern, multi-cloud architectures.
- Automation Skills: Intermediate scripting ability (e.g., Python, PowerShell) to help automate security workflows, reporting, and data analysis.
- Collaboration & Influence: A proven ability to build strong partnerships and communicate effectively with technical and non-technical stakeholders in a matrixed organization.
Preferred Qualifications:
- Past experience in penetration testing, product security, or the security research community.
- Certifications such as AWS Certified Security - Specialty, CISSP, CISA, or CySA+.
- Note: Candidates are required to obtain the AWS Certified Cloud Practitioner or AWS Certified Security - Specialty certification within the first year of employment if not already held.
The Path to Success (Milestones):
- 60-Day Milestones (The "Connecting" Phase): Become fully comfortable with core processes and tools (e.g., Qualys, CrowdStrike), including reporting, ticketing, and internal workflows. Solidify relationships with key members of the vulnerability management team and begin engaging with stakeholders in Engineering and Compliance. Begin performing routine vulnerability management tasks, such as validating scans and initiating remediation ticketing, with increasing independence.
- 90-Day Milestones (The "Contribution" Phase): Operate with minimal oversight on daily tasks, fully managing the day-to-day vulnerability lifecycle for your areas of responsibility. Act as a natural escalation point for junior analysts, providing mentorship and helping to resolve challenges with remediation teams. Confidently engage with engineering teams to work through remediation problems and ensure operational flow.
- 6-Month Milestones (The "Performance" Phase): Become a strong, effective contributor who actively identifies and suggests areas for process improvement. Take the lead on an internal team project, such as revamping vulnerability metrics or automating a reporting process. Demonstrate a deep understanding of our risk-based approach by prioritizing vulnerabilities.
- 12-Month Milestones (The "Ownership" Phase): Solidly own all assigned tasks and responsibilities, running with them from start to finish with minimal supervision. Actively contribute to maturing the team by bringing in new ideas, finding process efficiencies, and mentoring junior analysts on technical and communication skills. Establish and maintain strong, trusted relationships with cross-functional partners in Engineering, Compliance, and other departments, effectively working through complex problems together.
Benefits and Compensation:
Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint. As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint’s differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD): $76,400 - $128,856.00. Base salaries for employees based in other locations are competitive for the employee’s home location.
Benefits Overview:
- Health and wellness coverage: Medical, dental, and vision insurance
- Disability coverage: Short-term and long-term disability
- Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
- Additional life coverage options: Supplemental life insurance for employees, spouses, and children
- Flexible spending accounts for health care and dependent care; limited purpose flexible spending account
- Financial security: 401(k) Savings and Investment Plan with company matching
- Time off benefits: Flexible vacation policy
- Holidays: 8 paid holidays annually
- Sick leave
- Parental support: Paid parental leave
- Employee Assistance Program (EAP) and Care Counselors
- Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
- Health Savings Account (HSA) with employer contribution
SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.
Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.
Key skills/competency:
- Vulnerability Management
- Cloud Security (AWS)
- DevOps
- Engineering
- Python
- PowerShell
- Jira
- Slack
- SOC2
- ISO 27001
Skills & topics
- Vulnerability Management
- Cybersecurity
- AWS
- Cloud Security
- Python
- PowerShell
- DevOps
- Security Analyst
- Risk Management
- SOC2
How to get hired
- Tailor your resume: Highlight your 2-4 years of vulnerability management experience, AWS security skills, and Python/PowerShell scripting abilities.
- Showcase cloud expertise: Emphasize your hands-on experience with AWS, Kubernetes, and Docker in your application.
- Demonstrate collaboration: Provide examples of how you've influenced technical and non-technical stakeholders.
- Prepare for technical questions: Be ready to discuss OWASP Top 10 and common product security issues.
- Understand SailPoint's mission: Research their commitment to security and how your role contributes to it.
Technical preparation
- Practice scripting with Python or PowerShell.
- Review OWASP Top 10 vulnerabilities.
- Familiarize yourself with AWS security services.
- Understand container tech like Kubernetes, Docker.
Behavioral questions
- Describe a time you influenced others on security.
- How do you prioritize competing security risks?
- Share an experience automating a complex process.
- How do you stay updated on threat intelligence?
Frequently asked questions
- What are the primary responsibilities of a Vulnerability Management Analyst at SailPoint?
- As a Vulnerability Management Analyst at SailPoint, you will be responsible for analyzing and prioritizing vulnerabilities in cloud infrastructure, containers, enterprise systems, and applications. You'll partner with DevOps and Engineering to remediate issues in AWS, automate security workflows, and develop metrics for reporting and compliance with frameworks like SOC2 and ISO 27001. You will also stay updated on the latest threat intelligence to inform prioritization strategies.
- What specific cloud and security experience is required for this role at SailPoint?
- SailPoint requires strong, hands-on experience securing cloud environments, particularly AWS, with a technical understanding of services like EC2 and container technologies such as Kubernetes and Docker. You should also have 2-4 years of experience in vulnerability management or a similar cybersecurity role, with a solid grasp of common product security issues like the OWASP Top 10.
- Are there any specific certifications or training required for the Vulnerability Management Analyst role at SailPoint?
- While not strictly required upfront, SailPoint prefers candidates with certifications such as AWS Certified Security - Specialty, CISSP, CISA, or CySA+. Importantly, candidates are required to obtain either the AWS Certified Cloud Practitioner or AWS Certified Security - Specialty certification within their first year of employment if they do not already hold one.
- How does SailPoint approach vulnerability remediation and collaboration with other teams?
- SailPoint emphasizes a collaborative approach. The Vulnerability Management Analyst acts as a key liaison, explaining risks and providing context to help Engineering and DevOps teams remediate vulnerabilities efficiently. The role involves building strong partnerships and communicating effectively with both technical and non-technical stakeholders to ensure security posture is maintained.
- What is the estimated salary range for a Vulnerability Management Analyst at SailPoint in the US?
- For US-based employees, SailPoint estimates the base salary for this role to be in the range of $76,400 to $128,856.00 annually. This range accounts for variations in knowledge, skills, experience, market conditions, and location, with candidates typically placed within the range based on these factors and internal equity.
- What kind of benefits does SailPoint offer to its employees?