Senior Vulnerability Analyst

8+ years of experience in vulnerability analysis/research or cyber threat intelligence Active exploitation awareness, including how zero‑days/n‑days propagate, PoC weaponization trends, and defender impact. Proven ability to work with discretion, handle sensitive information, and build trusted relationships. Vulnerability ecosystem fluency: CVE/CWE, NVD/NIST, CISA KEV, EPSS, vendor advisories, and patch/mitigation lifecycles. Familiarity with the penetration testing industry and vulnerability management ecosystems Outstanding communication and interpersonal skills; able to influence at all levels. Exceptional organizational skills with the ability to manage multiple priorities and stakeholders. Familiarity with and comfort writing Python Experience performing data analysis and creating visualizations to illustrate broad trends Experience communicating vulnerability and threat information to technical audiences outside of cyber security Digital presence: experience using social channels and community forums to amplify research responsibly. Public speaking experience at conferences, webinars, podcasts, and customer briefings; comfortable fielding live Q&A. Conference publications or awards (e.g., Black Hat, DEF CON, BSides, FIRST). Media training and experience briefing reporters or analysts. Bug bounty/VDP experience, including triage or program participation from either side.

Analyze the outcomes of NodeZero pentests to understand customer exposure to vulnerabilities and threats to inform our research prioritization Research, document and publish mitigation and remediation techniques for the most impactful vulnerabilities affecting our customers Monitor public vulnerability databases and threat intelligence sources to stay current on emerging threats. Track product coverage for emerging vulnerabilities and drive communication updates for both internal and external partners Write, edit and publish public facing content about vulnerabilities Create internal content about vulnerabilities and threat actors to support Go To Market and Marketing teams Collaborate cross-functionally with attack engineers, product managers, product marketing and customer teams