Vulnerability Automation Engineer

Accountabilities

• Design and operate end-to-end vulnerability automation pipelines that continuously identify, assess, and remediate security issues across cloud-native and infrastructure-as-code environments.
• Build agentic AI-driven workflows (e.g., using Claude Code and MCP integrations) to automate security tasks such as vulnerability detection, drift analysis, and remediation orchestration.
• Develop real-time asset discovery and inventory systems covering dynamic, containerized, and ephemeral workloads across multi-cloud environments.
• Implement policy-as-code and infrastructure-as-code security controls to enforce baselines, detect drift, and automatically remediate non-compliant configurations.
• Integrate vulnerability data from scanning tools, cloud security services, and threat intelligence sources into unified automation platforms for prioritization and response.
• Create dashboards, metrics, and reporting systems that measure vulnerability posture, remediation velocity, and automation coverage.
• Partner with engineering, product, and operations teams to embed security automation directly into CI/CD pipelines and infrastructure workflows.

Requirements

You bring strong experience in security engineering, DevSecOps, or infrastructure automation, with a focus on building scalable automated systems rather than manual processes. You are highly technical, comfortable working across cloud-native environments, and motivated by eliminating operational toil through engineering. You combine deep security knowledge with strong software engineering fundamentals and can translate complex security problems into automated solutions.

• 5+ years of experience in security engineering, DevSecOps, vulnerability management, or infrastructure automation
• Strong programming skills in Python, Go, Bash, or similar languages
• Experience with infrastructure-as-code tools such as Terraform
• Hands-on experience in cloud environments (AWS, GCP, or similar) and containerized systems (Kubernetes, serverless)
• Familiarity with vulnerability and security tools (e.g., Snyk, Tenable, Qualys, Wiz, Trivy, or equivalents)
• Strong understanding of vulnerability frameworks (CVE, CVSS, OWASP Top 10, exploitability models)
• Experience integrating security tools into CI/CD pipelines and automated workflows
• Familiarity with AI-assisted development tools and agentic workflows is highly valued
• Strong communication skills and ability to document and explain complex systems clearly
• Self-driven mindset with a strong bias toward automation and continuous improvement

Benefits

• Competitive compensation: $170,000 – $190,000 annual salary
• Remote-first work environment with flexible collaboration model
• Equity opportunities as part of total compensation package
• Comprehensive health, dental, and vision insurance
• 401(k) retirement plan with employer support
• Generous paid time off and holiday schedule
• Paid parental leave and family support programs
• Mental health and wellness resources
• Learning and development support, including training and professional growth opportunities
• Occasional team in-person gatherings (limited travel)