Sr. Security Engineer Vulnerability Operations

Our Mission:

6senses mission is to multiply what matters: growth retention and efficiency. We envision a future where companies teams and people reach their full potential.

Our People:

People are the heart and soul of 6sense. We serve with passion and purpose. We live by our Being 6sense values of Win as One Team Stay Curious Do The Right Thing Own the Outcome and Create Belonging. Every 6sensor plays a part in defining the future of our industry-leading technology. 6sense is a place where difference-makers roll up their sleeves take risks act with integrity and measure success by the value we create for our customers. We want 6sense to be the best chapter of your career.

Purpose of the Job :

As members of 6senses Security department the Security Engineering team protects the platform across application infrastructure and cloud domains. The Vulnerability Operations function ensures that vulnerabilities are identified triaged validated and remediated in a consistent timely and riskbased manner. Senior Security Engineers work closely with Engineering CloudOps Product and GRC teams to operationalize vulnerability management processes build automation standardize workflows and ensure secure-by-default practices.

Responsibilities & Accountabilities :

• Ensure vulnerability management tools (e.g. Wiz Invicti Rapid7 GHAS Ox) are correctly configured for appropriate coverage and accurate detection.
• Perform hands-on triage validation and root cause analysis of vulnerabilities across AppSec InfraSec and CloudSec.
• Track and report vulnerability status against SLAs escalating to engineering owners as needed.
• Build and maintain dashboards filters reports and triage scripts to support visibility and automation.
• Assist engineering teams in reproducing and remediating vulnerabilities providing actionable guidance.
• Support the bug bounty program operations (not ownership) including validation and coordination with engineering teams.
• Conduct security reviews and threat modeling for high-risk systems or changes.
• Participate in initiatives that holistically address systemic or multidomain vulnerabilities.
• Contribute to development of automated security testing pipelines for validation of fixes.
• Participate in on-call or offhours incident response related to critical vulnerabilities and timesensitive patches.
• Contribute to quarterly OKRs and security engineering roadmap initiatives.

Performance Measurement :

• Understands 6senses product architecture cloud footprint and environment in depth.
• Takesownership of vulnerability triage and prioritization while escalating whererequired.
• ProactivelyidentifiesandescalatesAI/MLrelated vulnerabilities or misconfigurations in systems integrating LLMs or automated decisioning.
• Meets tight deadlines and SLAs for vulnerability response and validation.
• Maintainsaccurateand up-to-date triage scripts documentation dashboards and workflows.
• Participates in weekly 1:1s and skip levels; provides clear progress updates.
• Supports security engineers and development teams withaccurate actionable analysis.
• Effectivelyparticipatesin incident response and postincident remediation.

Educational and Experience Requirements :

• 5 years of experience in security engineering across vulnerability management AppSec CloudSec or InfraSec.
• Experience with vulnerability tools (e.g. Wiz Rapid7 Invicti GHAS SAST/DAST) and triage workflows.
• Understanding ofcloud security (AWS preferred) and modernmicroservicesarchitectures.
• Experience identifying and mitigating AI/MLrelated security risks including model abuse promptinjection vulnerabilities and risks introduced by LLMbased features.
• Experience with scripting/automation (Python Bash JavaScript etc.).
• Experience working directly with engineering teams to address vulnerabilities.
• Familiarity with frameworks such as OWASP NIST CIS Benchmarks MITRE ATT&CK.
• Experience withIaCsecurity (Terraform CloudFormationPulumi)preferredbut notrequired.

Preferred Qualifications :

• Bachelors degree in a related field
• Relevant industry certificationssuch as AWS CNCF andGIACarehighly desirable

Competencies and Behaviors :

• Establishes strong credibility with engineering partners.
• Maintains a professional outcome-focused demeanor.
• Advocates for vulnerability and security best practices.
• Works independently on complex triage and analysis tasks.
• Manages competing priorities effectively escalating when appropriate.
• Communicates clearly across technical and non-technical audiences.
• Maintains accuracy attention to detail and documentation hygiene.

Our Benefits:

Full-time employees can take advantage of health coverage paid parental leave generous paid time-off and holidays quarterly self-care days off and stock options. Well make sure you have the equipment and support you need to work and connect with your teams at home or in one of our offices.

We have a growth mindset culture that is represented in all that we do from onboarding through to numerous learning and development initiatives including access to our LinkedIn Learning platform. Employee well-being is also top of mind for us. We host quarterly wellness education sessions to encourage self care and personal growth. From wellness days to ERG-hosted events we celebrate and energize all 6sense employees and their backgrounds.

Equal Opportunity Employer:

6sense is an Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender perception or identity national origin age marital status protected veteran status or disability status. If you require reasonable accommodation in completing this application interviewing completing any pre-employment testing or otherwise participating in the employee selection process please direct your inquiries to .

We are aware of recruiting impersonationattempts that are not affiliated with 6sense in any way. All email communications from 6sense will originate from the @ domain. We will not initially contact you via text message and will never request payments. If you are uncertain whether you have been contacted by an official 6sense employee reach out to jobs@