Senior Vulnerability Engineer
Overview

Keeper Security is hiring an experienced Senior Vulnerability Engineer to design, build, and scale enterprise vulnerability management capabilities across our cloud, application, and corporate environments. This is a 100% remote position, with an opportunity to work a hybrid schedule for candidates based in the El Dorado Hills, CA or Chicago, IL metro area.

About Keeper

Keeper Security is one of the fastest-growing cybersecurity software companies that protects thousands of organizations and millions of people in over 150 countries. Keeper is a pioneer of zero-knowledge and zero-trust security built for any IT environment. Its core offering, KeeperPAM®, is an AI-enabled, cloud-native platform that protects all users, devices and infrastructure from cyber attacks. Recognized for its innovation in the Gartner Magic Quadrant for Privileged Access Management (PAM), Keeper secures passwords and passkeys, infrastructure secrets, remote connections and endpoints with role-based enforcement policies, least privilege and just-in-time access. Learn why Keeper is trusted by leading organizations to defend against modern adversaries at KeeperSecurity.com.

About the Job

As a Senior Vulnerability Engineer, you will design, build, and scale systems for vulnerability discovery, prioritization, and remediation across Keeper’s cloud, application, and corporate environments. Partnering closely with Engineering, DevOps, IT, and Security teams, you will automate vulnerability detection and response, integrate security into CI/CD pipelines, and operationalize risk-based remediation at scale. This is a highly technical, hands-on role focused on improving visibility, accelerating remediation, and strengthening Keeper’s overall security posture.

You will also support offensive security initiatives, including penetration testing, red teaming, and bug bounty programs, ensuring findings are actionable and embedded into engineering workflows.

Responsibilities

- Design and implement scalable vulnerability scanning and asset discovery solutions across multi-cloud and SaaS environments
- Engineer and maintain integrations between vulnerability management tools and internal systems, including CI/CD platforms, ticketing systems, and source control tools
- Automate vulnerability ingestion, enrichment, prioritization, and remediation workflows using APIs and scripting
- Develop risk-based prioritization models by correlating vulnerability data with threat intelligence and exploit activity
- Build and maintain pipelines to integrate vulnerability scanning into CI/CD processes
- Create dashboards and analytics to track vulnerability exposure, remediation SLAs, and risk trends
- Continuously improve coverage and accuracy of asset inventory and scanning capabilities
- Monitor and respond to zero-day vulnerabilities, CISA KEV bulletins, and active exploit campaigns
- Partner with Engineering and DevOps teams to troubleshoot and remediate vulnerabilities in applications and infrastructure
- Contribute to secure architecture and hardening efforts across cloud and application environments
- Support compliance requirements, including FedRAMP, StateRAMP, SOC 2, ISO 27001, and NIST SP 800-53, through technical implementation and evidence generation
- Document systems, workflows, and automation for repeatability and scale
- Support the execution of red team exercises, penetration tests, and bug bounty programs in alignment with real-world threat scenarios
- Coordinate and validate findings from internal and external testing activities, ensuring accuracy, severity calibration, and reproducibility
- Integrate offensive security findings into vulnerability management workflows to drive prioritized remediation
- Partner with external vendors and researchers to triage submissions and improve signal quality in bug bounty programs
- Continuously improve testing methodologies, coverage, and tooling to reflect evolving attack techniques
- Correlate red team, penetration testing, and bug bounty findings with vulnerability data to identify systemic weaknesses

Requirements

- 5–8+ years of experience in vulnerability management, security engineering, or related technical roles
- Strong hands-on experience with vulnerability scanning tools, CVE/CVSS scoring, and exploit analysis
- Experience building automation using Python, PowerShell, or similar scripting languages
- Experience working with APIs and integrating security tools into engineering workflows
- Strong understanding of cloud platforms, including AWS, GCP, and Azure, as well as modern application architectures
- Experience embedding security into CI/CD pipelines and developer workflows
- Ability to troubleshoot vulnerabilities across system, network, and application layers
- Hands-on experience with penetration testing, red teaming, or bug bounty programs, including triage and validation of findings
- Working knowledge of compliance frameworks such as NIST SP 800-53, CIS Controls, ISO 27001, and SOC 2

Preferred Qualifications

- Certifications such as OSCP, GIAC, CISSP, or similar
- Experience with data analytics and visualization tools such as Splunk or Elastic
- Background in offensive security, red teaming, or exploit development
- Experience working with bug bounty platforms and external researcher communities
- Experience with asset inventory platforms, CMDBs, or cloud-native security tooling
- Experience building internal security tools or security platforms
- Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent practical experience

EEO statement: Keeper Security, Inc. is an equal opportunity employer and participant in the U.S. Federal E-Verify program.
We celebrate diversity and are committed to creating an inclusive environment for all employees.