Attack Surface Management Team Lead

Cybersecurity Attack Surface Management Team Lead

SailPoints Cybersecurity organization is seeking a Cybersecurity Attack Surface Management Team Lead to strengthen our security posture by reducing our digital exposure. The ASM Lead is a seasoned security professional responsible for defining and executing the strategy to continuously discover categorize and prioritize every asset that constitutes our attack surface. You will leverage advanced tooling and threat intelligence to transform raw asset data into actionable risk insights directly informing our overall security posture and remediation efforts.

The ASM Lead will be a critical member of our Threat Exposure Management team responsible for defining implementing and maturing our ASM program. This role requires a blend oftechnical expertisestrategic thinking andstrong leadershipto continuously reduce our organizations external and internal security person will drive the cultural and technical shift from reactive to proactive threat-informed risk reduction.

Our new Attack Surface Management Team Lead will join a growing and capable threat and vulnerability management team of both emerging and established talent. This potential team member will be comfortable with the 4 Is at SailPoint (individual Impact Innovation and Integrity) even if theyre new to the concept. They will embrace new challenges and by being their authentic self will be a positive contributor to an already positive work culture and environment.

This is a challenging and impactful role where you will have the opportunity to work with a variety of stakeholders including our fantastic colleagues in IT DevOps Product Engineering Security Architect Engineering and Cyber Defense Operations.

This role reports directly to the Head of Threat Exposure Management and will be remote.

Key Requirements:

• 5 years of experience in Cybersecurity with at least 2 years specifically focused on Vulnerability Management EASM (External Attack Surface Management) or Threat Intelligence.

• Hands-on experience with commercial and open-sourceASM/EASM platforms and methodologies(e.g. CrowdStrike SecurityScorecard Shodan Censys or similar).

• Expertise of ASM concepts including asset discovery exposure monitoring shadow IT detection and external threat identification

• Deep understanding ofTCP/IP networking protocols cloud environments (AWS Azure or GCP) and web application architectures.

• Familiarity with internet-facing systems cloud infrastructures (IaaS/PaaS/SaaS) domain and certificate management and network perimeter configurations.

• Strong ability to translate technical exposure data into meaningful risk insights.

• Strong analytical and investigative skills with the ability to turn gaps into prioritized action plans.

• Proficiency in scripting languages (e.g. Python PowerShell) for automation and data analysis.

• Developing and tracking ASM metrics and KPIs.

• Strategic Vision & Execution - Ability to define and communicate a clear vision and resilience aligned with enterprise goals.

• Influence & Collaboration Demonstrable experience building strong partnerships across an organization

• Risk-Based Decision Making Experience making informed decisions through balancing business priorities technical constraints and risk exposure.

• Executive Communication Experience communicating complex technical concepts and ongoing program updates clearly to stakeholders and executive leadership.

• Certifications like CISSP OSCP and GIAC are beneficial.

Core Responsibilities:

• Strategy & Program Leadership:

• • Develop and drive the overall strategy for discovering inventorying and managing the companys external and internal digital attack surface.

  • Establish and lead the ASM program defining key metrics reporting mechanisms and service level agreements (SLAs) for remediation.

• Discovery & Inventory:

• • Implement and operate ASM tools (e.g. EASM solutions) to continuously discover and maintain an accurate inventory of all digital assets (IPs domains cloud resources third-party exposures code repositories etc.).

  • Identify Shadow IT and unknown external-facing assets and integrate them into the security framework.

• Vulnerability & Risk Management:

• • Collaborate closely with Threat Intelligence Vulnerability Management and Penetration Testing teams to prioritize risks based on exploitability and business criticality.

  • Oversee and track the remediation process for identified exposures working with asset owners across IT and business units.

• Process Improvement & Automation:

• • Drive the integration of ASM data into existing security operations and risk management processes (e.g. CMDB SIEM GRC).

  • Identify opportunities to automate asset discovery risk assessment and reporting to enhance program efficiency.

• Leadership & Mentorship:

• • Provide technical guidance and mentorship to junior security analysts.

  • Present program status key findings and strategic recommendations to leadership.

Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.

As a part of the total compensation package this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge skills experience market conditions and locations as well as reflect SailPoints differing products industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary for US-based employees will be in this range from (min-mid-max USD):

Base salaries for employees based in other locations are competitive for the employees home location.

Benefits Overview

1. Health and wellness coverage: Medical dental and vision insurance

2. Disability coverage: Short-term and long-term disability

3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)

4. Additional life coverage options: Supplemental life insurance for employees spouses and children

5. Flexible spending accounts for health care and dependent care; limited purpose flexible spending account

6. Financial security: 401(k) Savings and Investment Plan with company matching

7. Time off benefits: Flexible vacation policy

8. Holidays: 8 paid holidays annually

9. Sick leave

10. Parental support: Paid parental leave

11. Employee Assistance Program (EAP) and Care Counselors

12. Voluntary benefits: Legal Assistance Critical Illness Accident Hospital Indemnity and Pet Insurance options

13. Health Savings Account (HSA) with employer contribution

SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability protected veteran status or any other category protected by applicable law.

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact or mail to 11120 Four Points Dr Suite 100 Austin TX 78726 to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.