Role Overview

• Lead and evolve Armis’ Vulnerability Management, Detection, and Response (VMDR) program across hybrid environments (cloud, SaaS, on-prem).
• Operate and optimize vulnerability detection tools (e.g., Tenable, Qualys, Rapid7, Wiz, Prisma Cloud, ServiceNow VR).
• Integrate vulnerability data with threat intelligence and detection pipelines for risk-based prioritization.
• Develop automated playbooks for vulnerability validation, alert correlation, and remediation tracking using Python, PowerShell, or REST APIs.
• Correlate vulnerability data with real-time detections (SIEM/SOAR) to improve exploitability insights.
• Create dashboards and KPIs for exposure trends, SLA adherence, and MTTR metrics in Splunk, Power BI, or Elastic.
• Partner with Security Engineering, CloudOps, and Product teams to ensure secure configuration and timely patching.
• Support incident response investigations where vulnerabilities are exploited or suspected.
• Maintain compliance alignment for ISO 27001, SOC 2, and FedRAMP control mappings.
  Author VMDR runbooks, response SOPs, and executive risk reports summarizing key exposures and trends.
  Participate in threat-hunting and red/blue team activities to validate vulnerability detection coverage.

• 6–10+ years of experience in Vulnerability Management, Threat Detection, or Security Engineering.
  Advanced knowledge of CVSS, EPSS, CISA KEV, CWE/CVE frameworks and scoring methodologies.
  Hands-on experience with enterprise-grade scanning, detection, and response tools (Tenable, Rapid7, Wiz, Prisma Cloud, ServiceNow VR).
• Experience building automation pipelines or integrations via API (Python, PowerShell, Bash, JSON).
• Familiarity with risk-based vulnerability management (RBVM) concepts and reporting models.
• Understanding of cloud security (AWS, GCP, Azure) and container environments (Docker, Kubernetes).
• Proven ability to collaborate across DevOps, Threat Intel, and Incident Response teams.
• Bachelor’s degree in Computer Science, Cybersecurity, or related field.
  
  

Preferred Skills

• Prior experience in a SaaS or cybersecurity platform company.
• Familiarity with Armis Centrix™, asset intelligence, or attack surface management tools.
• Experience building or managing ServiceNow VR modules or similar vulnerability tracking workflows.
• Certifications such as CISSP, GCCC, CEH, CySA+, or GIAC GVP.
• Experience integrating vulnerability and detection telemetry into SIEM/SOAR workflows.