Keeper Security - Senior Vulnerability Engineer
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• 5–8+ years of experience in vulnerability management, security engineering, or related technical roles • Strong hands-on experience with vulnerability scanning tools, CVE/CVSS scoring, and exploit analysis • Experience building automation using Python, PowerShell, or similar scripting languages • Experience working with APIs and integrating security tools into engineering workflows • Strong understanding of cloud platforms, including AWS, GCP, and Azure, as well as modern application architectures • Experience embedding security into CI/CD pipelines and developer workflows • Ability to troubleshoot vulnerabilities across system, network, and application layers • Hands-on experience with penetration testing, red teaming, or bug bounty programs, including triage and validation of findings • Working knowledge of compliance frameworks such as NIST SP 800-53, CIS Controls, ISO 27001, and SOC 2 • Certifications such as OSCP, GIAC, CISSP, or similar • Experience with data analytics and visualization tools such as Splunk or Elastic • Background in offensive security, red teaming, or exploit development • Experience working with bug bounty platforms and external researcher communities • Experience with asset inventory platforms, CMDBs, or cloud-native security tooling • Experience building internal security tools or security platforms • Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent practical experience
Responsibilities
• Design and implement scalable vulnerability scanning and asset discovery solutions across multi-cloud and SaaS environments • Engineer and maintain integrations between vulnerability management tools and internal systems, including CI/CD platforms, ticketing systems, and source control tools • Automate vulnerability ingestion, enrichment, prioritization, and remediation workflows using APIs and scripting • Develop risk-based prioritization models by correlating vulnerability data with threat intelligence and exploit activity • Build and maintain pipelines to integrate vulnerability scanning into CI/CD processes • Create dashboards and analytics to track vulnerability exposure, remediation SLAs, and risk trends • Continuously improve coverage and accuracy of asset inventory and scanning capabilities • Monitor and respond to zero-day vulnerabilities, CISA KEV bulletins, and active exploit campaigns • Partner with Engineering and DevOps teams to troubleshoot and remediate vulnerabilities in applications and infrastructure • Contribute to secure architecture and hardening efforts across cloud and application environments • Support compliance requirements, including FedRAMP, StateRAMP, SOC 2, ISO 27001, and NIST SP 800-53, through technical implementation and evidence generation • Document systems, workflows, and automation for repeatability and scale • Support the execution of red team exercises, penetration tests, and bug bounty programs in alignment with real-world threat scenarios • Coordinate and validate findings from internal and external testing activities, ensuring accuracy, severity calibration, and reproducibility • Integrate offensive security findings into vulnerability management workflows to drive prioritized remediation • Partner with external vendors and researchers to triage submissions and improve signal quality in bug bounty programs • Continuously improve testing methodologies, coverage, and tooling to reflect evolving attack techniques • Correlate red team, penetration testing, and bug bounty findings with vulnerability data to identify systemic weaknesses
Benefits
• Medical, Dental & Vision (inclusive of domestic partnerships) • Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life • Voluntary Short/Long Term Disability Insurance • 401K (Roth/Traditional) • A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc) • Above market annual bonuses
No credit card. Takes 10 seconds.