Vulnerability Analyst — External Attack Surface & VDP

What youll do

• Validate & reproduce findingsfrom EASM (internet exposed assets misconfigurations leaked services weak crypto open ports) and from VDP submissions (web API mobile infrastructure). Use manual techniques and PT frameworks to confirm exploitability and business impact.

• Right-size severity & priorityusing exploitability signals (e.g. public exploit EPSS/KEV) control context asset criticality and exposure window; document rationale and evidence that developers and risk owners can act on.

• Deduplicate enrich & routefindings to the correct owners; eliminate false positives; merge related signal (scanner output logs asset inventory prior exceptions) and ensure single threaded tracking to closure.

• Partner with secure business enablement & product teamsto negotiate remediation paths and SLAs; propose compensating controls or layered fixes when one-shot remediation isnt feasible.

• Partner on governance workflowsfor risk acceptances rating overrides and reacceptance cycles; ensure issues aging and SLAs are visible in our dashboards.

• Close the loop with researchers(for VDP) through clear respectful communications and crisp proof-of-fix retesting.

• Continuously improve signal qualityby tuning rules/policies source inventories and intake/playbooks; author repeatable runbooks for common vuln classes.

• Contribute as an adversarywhen needed (mini-engagements) to validate edge case chains and confirm impact beyond tool output.

What youll bring

• 35 yearsin vulnerability analysis application/infrastructure security red teaming or penetration testing (internal or consulting).

• Proven ability tovalidate complex issues(param tampering authN/Z bypass SSRF injection IDOR misconfig cloud/API exposures) and write concise repeatable steps with screenshots/PoCs.

• Experience withEASM(e.g. Censys Defender EASM Cortex Xpanse) andVDP/bug bountyplatforms (e.g. HackerOne Bugcrowd) and their triage mechanics.

• Familiarity withenterprise VM & tracking(ServiceNow VR/IRM Jira Archer/Risk Register) and with platform scanners (Qualys/Tenable/Nessus/Burp/ZAP).

• Working knowledge ofcloud(AWS/Azure)web & APIsecurity PKI/TLS hygiene DNS and internet exposed service hardening.

• Scripting(Python/PowerShell/Bash) for repeatable validation and data wrangling; basic SQL helpful.

• Exceptional written communicationcapable of translating technical risk intoactionable guidanceand executive clarity.

Nice-to-have exposure

• EPSS/KEV driven prioritization attack path/graph concepts and risk quant inputs.

• Cloud posture and SaaS posture signals (SSPM) that intersect with external exposure.

• Building tuning logic for scanners and platform rules (e.g. policy libraries discovery seeds asset correlation).

• Certifications such asOSCPGWAPTGPEN(or equivalent demonstrable skill) are a plus;CISSPnice-to-have.

Whats in it for you

• A front row seat reducing real-world external riskturning noisy findings intodecisive action.

• Growth pathways intopen testingthreat modeling/assurance orVM program leadership.