SailPoint Technologies

Vulnerability Management Analyst

SailPoint Technologies$71K — $120K *
Austin, TX 78745In-Person
Information Technology
Less than 5 years of experience
Reposted 2 weeks ago
Job Overview by Ladders

Qualifications

  • 5-7 years in cloud security or a related cybersecurity field.
  • Hands-on experience with AWS and container technologies like Kubernetes and Docker.
  • 2-4 years of vulnerability management experience.
  • Intermediate scripting skills in Python or PowerShell for automation tasks.
  • Ability to effectively communicate with both technical and non-technical stakeholders.

Responsibilities

  • Analyze and assess vulnerabilities in cloud and enterprise environments.
  • Partner with DevOps to address vulnerabilities in AWS configurations.
  • Drive remediation efforts by guiding teams through risks and dependencies.
  • Contribute to the automation of security workflows and reporting processes.
  • Develop metrics for vulnerability management compliance and reporting.
  • Stay updated on threat intelligence to enhance prioritization strategies.

Benefits

  • Comprehensive health, dental, and vision insurance
  • Short-term and long-term disability coverage
  • Life insurance and AD&D
  • 401(k) plan with company matching
  • Flexible vacation policy and 8 paid holidays
  • Paid parental leave
  • Employee Assistance Program (EAP)
  • Health Savings Account (HSA) with employer contribution
Full Job Description
SailPoint is looking for a motivated Vulnerability Management Analyst to join our growing Cybersecurity team. In this role, you will be at the heart of our security operations, responsible for protecting SailPoint's production environments from misconfigurations and software vulnerabilities. You will ensure our products meet the highest standards of security and trust by managing the complete lifecycle of vulnerabilities across our complex, cloud-native infrastructure.

As a key member of our threat and vulnerability management team, you will work closely with cross-functional partners in IT, DevOps, and Engineering to reduce our organizational risk. This is a challenging and impactful role where you can grow your skills and contribute directly to our security posture.

What You'll Do (Core Responsibilities):
  • Analyze & Prioritize: Triage and assess vulnerabilities discovered in our cloud infrastructure, containerized environments, enterprise infrastructure, and applications, using a risk-based framework that goes beyond standard CVSS scores.
  • Cloud Security: Partner with DevOps and Engineering to identify and remediate vulnerabilities and misconfigurations in our AWS environment.
  • Drive Remediation: Act as a key liaison, explaining risks, identifying dependencies, and providing the necessary context to help teams remediate vulnerabilities efficiently.
  • Automate & Improve: Contribute to the continuous improvement of our program by helping automate data ingestion, reporting, and ticketing system integrations (e.g., Jira, Slack) using scripting languages like Python or PowerShell.
  • Report & Comply: Develop metrics to report on the health of the vulnerability management program and provide evidence to support compliance and audit needs for frameworks like SOC2, ISO 27001, and FedRAMP.
  • Threat Intelligence: Maintain knowledge of the current threat landscape, including new attack techniques and actively exploited vulnerabilities, to inform our prioritization strategy.


What You'll Bring (Key Requirements):
  • Cloud Infrastructure Experience: Strong, hands-on experience securing cloud environments, particularly AWS. You should have a technical understanding of core services like EC2, and container technologies such as Kubernetes and Docker.
  • Vulnerability Management Experience: 2-4 years of experience in vulnerability management, product security, or a similar cybersecurity role.
  • Technical Acumen: A solid grasp of common product security issues (e.g., OWASP Top 10, SSRF, Injection flaws) and how they manifest in modern, multi-cloud architectures.
  • Automation Skills: Intermediate scripting ability (e.g., Python, PowerShell) to help automate security workflows, reporting, and data analysis.
  • Collaboration & Influence: A proven ability to build strong partnerships and communicate effectively with technical and non-technical stakeholders in a matrixed organization.


Preferred Qualifications:
  • Past experience in penetration testing, product security, or the security research community.
  • Certifications such as AWS Certified Security - Specialty, CISSP, CISA, or CySA+.
    • Note: Candidates are required to obtain the AWS Certified Cloud Practitioner or AWS Certified Security - Specialty certification within the first year of employment if not already held.


The Path to Success (Milestones):

60-Day Milestones (The "Connecting" Phase):
  • Become fully comfortable with core processes and tools (e.g., Qualys, CrowdStrike), including reporting, ticketing, and internal workflows.
  • Solidify relationships with key members of the vulnerability management team and begin engaging with stakeholders in Engineering and Compliance.
  • Begin performing routine vulnerability management tasks, such as validating scans and initiating remediation ticketing, with increasing independence.

90-Day Milestones (The "Contribution" Phase):
  • Operate with minimal oversight on daily tasks, fully managing the day-to-day vulnerability lifecycle for your areas of responsibility.
  • Act as a natural escalation point for junior analysts, providing mentorship and helping to resolve challenges with remediation teams.
  • Confidently engage with engineering teams to work through remediation problems and ensure operational flow.

6-Month Milestones (The "Performance" Phase):
  • Become a strong, effective contributor who actively identifies and suggests areas for process improvement.
  • Take the lead on an internal team project, such as revamping vulnerability metrics or automating a reporting process.
  • Demonstrate a deep understanding of our risk-based approach by prioritizing vulnerabilities.

12-Month Milestones (The "Ownership" Phase):
  • Solidly own all assigned tasks and responsibilities, running with them from start to finish with minimal supervision.
  • Actively contribute to maturing the team by bringing in new ideas, finding process efficiencies, and mentoring junior analysts on technical and communication skills.
  • Establish and maintain strong, trusted relationships with cross-functional partners in Engineering, Compliance, and other departments, effectively working through complex problems together.


Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.

As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint's differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD):
$71,500 - $120,478.00
Base salaries for employees based in other locations are competitive for the employee's home location.

Benefits Overview

1. Health and wellness coverage: Medical, dental, and vision insurance

2. Disability coverage: Short-term and long-term disability

3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)

4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children

5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account

6. Financial security: 401(k) Savings and Investment Plan with company matching

7. Time off benefits: Flexible vacation policy

8. Holidays: 8 paid holidays annually

9. Sick leave

10. Parental support: Paid parental leave

11. Employee Assistance Program (EAP) and Care Counselors

12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options

13. Health Savings Account (HSA) with employer contribution

About SailPoint Technologies

SailPoint Technologies Holdings, Inc. is an American software company that provides identity management solutions for enterprises. SailPoint's open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint's customers are among the world's largest companies in a wide range of industries, including: 7 of the top 15 banks, 4 of the top 6 healthcare insurance and managed care providers, 9 of the top 15 property and casualty insurance providers, 5 of the top 15 pharmaceutical companies, and 11 of the largest 15 federal agencies.
Learn more about SailPoint Technologies
Size
1,676 employees
Market Cap
$6 billion
Industry
Information Technology
Net Income
-$10.7 million
Founded
2005
5 Year Trend
+27.1%
Revenue
$365.2 million
NASDAQ
SAIL
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at SailPoint Technologies

More Information Technology Jobs

Find similar Vulnerability Management Analyst jobs:

NationwideAustin, TX