Sr. Vulnerability Management Engineer

We’re looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you’re a high performer who’s an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together.Overview:As a Vulnerability Management Engineer, you will be responsible for managing projects and initiatives focused on reducing cyber security risk associated with system vulnerabilities across the enterprise. You will assist in governing and maturing the vulnerability program while managing technology vulnerabilities, researching cyber incidents and effectively co-leading comprehensive investigations and other security related activities.Primary Responsibilities:Contribute to the vulnerability management process including triaging identified vulnerabilities and tracking them through the vulnerability lifecycle.Be an integral part of our vulnerability management program ensuring we are monitoring for known vulnerabilities which pose a risk to our platformInstallation, monitoring, testing, troubleshooting, and administration of the vulnerability scanning toolsUse our threat intelligence & vulnerability data to ensure we’re effectively responding to potential adversariesPartner with multiple engineering teams to ensure we’re effectively monitoring our cloud and container infrastructureCapability to conduct technical analysis of identified vulnerabilities and alerts, make design decisions, and devise both tactical and strategic solutionsEnsure scheduled scans are covering 100% of intended assets and are being run successfullyConfigure, optimize, and test vulnerability scans against new and existing Operating Systems and platformsAbility to develop effective communication and remediation plans for a variety of stakeholders including IT, Engineering, and SecurityDeveloping process documentation including contributions to policies and proceduresRequirements:Bachelor’s degree in Computer Science, Information technology or related field or equivalent experience/trainingProven prior experience and demonstrable recurring success in an Information Security or IT role, preferably in red teaming, offensive security, penetration testing, reverse engineering, incident response, vulnerability management, or consultingProficiency with enterprise vulnerability management platforms such as Tenable.io, Rapid7, Qualys, etc.Experience working in Cloud Security Posture Management (CSPM) platforms such as Orca, Wiz, or Prisma CloudKnowledge of Application Security tooling, including SAST, DAST, and SCAUnderstanding of Application Security principles and processesDemonstrated success with Vulnerability Management program(s) or remediation effortsStrong skills in engineering and operational tools and technologies e.g., Terraform, Ansible, Git, Jenkins, Docker, KubernetesKnowledge about CI/CD practices and experience incorporating security requirements into a SDLC.Prior experience in major cloud environments such as AWS, GCP or AzureFind yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we’re invested in building teams with a wide variety of backgrounds, identities, and experiences.