Cybersecurity Triage Engineer

SailPoint's Cybersecurity organization is seeking a Cybersecurity Triage Engineer with a passion for cybersecurity and protecting the organization. The successful candidate will advance the existing Vulnerability Management Remediation effort into a new standalone capability, drive our efforts to coordinate the vulnerability remediation of our products.
We're seeking a colleague with solid technical acumen of both software engineering and development who can work with both our security team and our engineers to run down vulnerabilities and get them remediated. Our new Cybersecurity Triage Engineer will embrace the opportunity to build relationships, work with a variety of tools, and play a key role as we continually ensure the security of our product.
Our new Cybersecurity Triage Engineer will join a growing and capable threat and vulnerability management team of both emerging and established talent. This potential team member will be comfortable with the 4 I's at SailPoint (individual, Impact, Innovation, and Integrity) even if they're new to the concept. They will embrace new challenges and by being their authentic self will be a positive contributor to an already positive work culture and environment.
This is a challenging and impactful role where you will have the opportunity to work with a variety of stakeholders, including our fantastic colleagues in IT, DevOps, Product engineering, security engineering, and the security operations center.
This role reports directly to the Head of Vulnerability Management.
Responsibilities:

• Develop a deep understanding of a sophisticated SaaS architecture consisting of dozens of microservices
• Analyze the output from scanning tools to contextualize, evaluate, and prioritize vulnerabilities based on a risk-based approach
• Establish and maintain strong working relationships with various stakeholders, especially within our engineering teams, to ensure timely remediation
• Explain associated risks, identify dependencies, and facilitate the remediation process by providing necessary details and context
• Distribute tasks and assign tickets to optimal teams for resolution and track completion against established SLAs
• Provide program performance reporting per business unit and product
• Support the overall vulnerability management process within the SailPoint to include tool optimization, process refinement and automation, and streamlining communication workflows
• Maintain awareness of evolving vulnerabilities and exploit techniques.

Requirements:

• Strong understanding of vulnerability management principles and frameworks
• Strong Engineering/DevOps experience with cloud, containers, open-source code, deployment and misconfigurations

• Intermediate multi-language code and script comprehension ability

• Experience managing cross functional/cross-departmental projects or activities
• Ability to prioritize vulnerabilities according to risk and reduce noise often associated with vulnerability tools
• Experience with vulnerability scanning tools and ticketing systems
• Solid written and oral communication skills to communicate findings and status

• 3-5+ years experience in a Support Level 2 or equivalent and higher Site Reliability, Sustaining, or Implementation organization of B2B Enterprise Software (SaaS preferred, on-premise welcome)

Preferred:

• Expertise working with engineering, product, and support teams

• Solid understanding of cloud, containers, network, endpoint, and application security.
• Ability to work in a fast-paced environment, multi-task, change direction, effectively prioritize, and meet deadlines
• Ability to manage time independently while handling multiple projects concurrently
• Ability to work effectively with both local and remote staff, teammates and managers

SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.