Senior Vulnerability Analyst
Senior Vulnerability Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Were looking for a Senior Vulnerability Analyst to join Procores Product & Technology Team. Procore software solutions aim to improve the lives of everyone in construction and the people within Product & Technology are the driving force behind our innovative toprated global platform. Were a customercentric group that encompasses engineering product product design and data security and business systems.
The Senior Vulnerability Analyst will join Procores Cybersecurity Risk & Compliance team. In this role youll drive vulnerability management activities that support and maintain our FedRAMP authorization ensuring that Procores systems meet the highest standards of security and regulatory compliance. You will play a key role in identifying analyzing and reporting on security vulnerabilities while supporting riskinformed decisionmaking across the business.
As a Senior Vulnerability Analyst youll partner with security engineers compliance analysts DevOps teams and product owners to track assess and report on vulnerabilities impacting FedRAMPauthorized systems. Use your technical depth regulatory knowledge and analytical thinking to reduce risk exposure maintain FedRAMP compliance and improve operational resilience. If youre passionate about turning data into action and enabling secure innovationapply today to help us protect what builds the world.
This position reports into the Senior Manager Security Operations and Threat Intelligence and will be based in our Austin TX office. Were looking for someone to join us immediately.
What youll do:
Monitor and triage vulnerability data from scanning tools and threat intelligence sources to ensure timely remediation of findings impacting FedRAMP systems
Analyze vulnerability risk based on asset criticality exposure and threat context and provide clear and actionable recommendations
Track open vulnerabilities coordinate with technical teams and ensure adherence to FedRAMPdefined remediation timelines
Partner with the GRC teams and internal FedRAMP stakeholders to support FedRAMP reporting continuous monitoring deliverables and audit evidence requests
Document exceptions justifications and mitigation plans for vulnerabilities that cannot be remediated within required timelines
Generate clear and concise metrics dashboards and reports for stakeholders and executive leadership
Contribute to the continuous improvement of vulnerability management processes workflows and tooling
What were looking for:
Degree or equivalent work experience
Must have a minimum of 2 years experience in triaging remediating and reporting on vulnerabilities
Background in development and security engineering
Ability to navigate complex environments
Capability to help developers resolve vulnerabilities
Some combination o the following: OSCP CompTIA Security GCIA / GCIH / GPEN CISM AWS Certified Security Specialty
Additional Information :
Base Pay Range $94720 $130240. Eligible for Bonus Incentive Compensation. Procore is committed to offering competitive fair and commensurate compensation and has provided an estimated pay range for this role. Actual compensation will be based on a candidates jobrelated skills experience education or training and location.
Perks & Benefits
At Procore we invest in our employees and provide a full range of benefits and perks to help you grow and thrive. From generous paid time off and healthcare coverage to career enrichment and development programs learn more details about what we offer and how we empower you to be your best.
About Us
Procore Technologies is building the software that builds the world. We provide cloudbased construction management software that helps clients more efficiently build skyscrapers hospitals retail centers airports housing complexes and more. At Procore we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. Check us out on Glassdoor to see what others are saying about working at Procore.
We are an equalopportunity employer and welcome builders of all backgrounds. We thrive in a dynamic and inclusive environment. We do not tolerate discrimination against candidates or employees on the basis of gender sex national origin civil status family status sexual orientation religion age disability race traveler community status as a protected veteran or any other classification protected by law.
If youd like to stay in touch and be the first to hear about new roles at Procore join our Talent Community.
Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact our benefits team here to discuss reasonable accommodations.
For Los Angeles County (unincorporated) Candidates:
Procore will consider for employment all qualified applicants including those with arrest or conviction records in accordance with the requirements of applicable federal state and local laws including the City of Los Angeles Fair Chance Initiative for Hiring Ordinance the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
A criminal history may have a direct adverse and negative relationship on the following job duties potentially resulting in the withdrawal of the conditional offer of employment: 1. appropriately managing accessing and handling confidential information including proprietary and trade secret information as well as accessing Procores information technology systems and platforms; 2. interacting with and occasionally having unsupervised contact with internal/external customers stakeholders and/or colleagues; and 3. exercising sound judgment.
Remote Work :
No
Employment Type :
Fulltime
Employment Type
Full-time
