Senior Vulnerability Analyst
| Company | Procore Technologies |
|---|---|
| Location | Austin, TX, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- Degree or equivalent work experience
- Must have a minimum of 2 years experience in triaging, remediating and reporting on vulnerabilities
- Background in development and security engineering
- Ability to navigate complex environments
- Capability to help developers resolve vulnerabilities
Responsibilities
- Monitor and triage vulnerability data from scanning tools and threat intelligence sources to ensure timely remediation of findings impacting FedRAMP systems
- Analyze vulnerability risk based on asset criticality, exposure, and threat context, and provide clear and actionable recommendations
- Track open vulnerabilities, coordinate with technical teams, and ensure adherence to FedRAMP-defined remediation timelines
- Partner with the GRC teams and internal FedRAMP stakeholders to support FedRAMP reporting, continuous monitoring deliverables, and audit evidence requests
- Document exceptions, justifications, and mitigation plans for vulnerabilities that cannot be remediated within required timelines
- Generate clear and concise metrics, dashboards, and reports for stakeholders and executive leadership
- Contribute to the continuous improvement of vulnerability management processes, workflows, and tooling
Preferred Qualifications
- Some combination of the following: OSCP, CompTIA Security+, GCIA / GCIH / GPEN, CISM, AWS Certified Security – Specialty