Attack Surface Management Team Lead

About The Position

Requirements

• 7+ years in Cybersecurity, with 3+ years in a senior, hands-on role focused specifically on Attack Surface Management (EASM/CAASM), Threat Intelligence, or Offensive Security.
• Expert-level, hands-on experience with modern ASM platforms and vulnerability scanners (e.g., CrowdStrike, Tenable, Qualys, CyCognito etc).
• Demonstrable proficiency in a scripting language (Python strongly preferred) used for API integration, data analysis, and automation. You should be able to provide examples of past automation projects.
• Deep technical understanding of the internet ecosystem: TCP/IP, DNS, TLS/SSL certificate management, domain registration, and BGP.
• Strong familiarity and experience with modern cloud environments (AWS, Azure, GCP), including knowledge of common services, configurations, and associated attack vectors.

Nice To Haves

• Experience with Breach and Attack Simulation (BAS) platforms.
• A background in penetration testing, red teaming, threat intelligence, or threat hunting.
• Experience building and presenting executive-level dashboards that track ASM KPIs and demonstrate ROI.
• Relevant certifications such as AWS CCP, CEH, GPEN, OSCP etc.
• Contributions to the security community (e.g., open-source tools, conference talks, blog posts).

Responsibilities

• Own the Attack Surface Map: Architect, implement, and operate our ASM program to create and maintain a definitive, real-time inventory of all external and internal digital assets (e.g., domains, IPs, cloud resources, code repositories, SaaS exposures). Proactively hunt for and illuminate "Shadow IT" and other unknown assets, ensuring they are brought under the governance of our security framework.
• Drive Risk-Based Prioritization: Serve as the primary liaison between ASM and our Threat Intelligence, Red Team, and Vulnerability Management functions. Synthesize data from ASM tools, threat feeds, and offensive security findings to transform raw exposure data into a prioritized, actionable risk plan. Focus the organization on the vulnerabilities that matter most.
• Lead the Remediation Lifecycle: Act as the technical lead for remediating complex, cross-functional exposures. You will track remediation progress, define and monitor SLAs, and act as a subject matter expert to help asset owners understand and fix identified issues.
• Automate and Integrate: Develop scripts and integrations (primarily in Python) to connect ASM data with our broader security ecosystem (e.g., CMDB, SIEM, SOAR). Continuously seek out and implement opportunities to automate discovery, enrichment, and reporting to improve program efficiency and reduce analyst toil.
• Mentor and Influence: Provide technical guidance and mentorship to other analysts on the team, elevating the overall skill set of the group. Translate complex technical findings into clear, concise reports and presentations for technical peers, stakeholders, and executive leadership.

Benefits

• Health and wellness coverage: Medical, dental, and vision insurance
• Disability coverage: Short-term and long-term disability
• Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
• Additional life coverage options: Supplemental life insurance for employees, spouses, and children
• Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account
• Financial security: 401(k) Savings and Investment Plan with company matching
• Time off benefits: Flexible vacation policy
• Holidays: 8 paid holidays annually
• Sick leave
• Parental support: Paid parental leave
• Employee Assistance Program (EAP) and Care Counselors
• Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
• Health Savings Account (HSA) with employer contribution