VMDR Expert (Vulnerability Management, Detection & Response)

About The Position

Requirements

• 6–10+ years of experience in Vulnerability Management, Threat Detection, or Security Engineering.
• Advanced knowledge of CVSS, EPSS, CISA KEV, CWE/CVE frameworks and scoring methodologies.
• Hands-on experience with enterprise-grade scanning, detection, and response tools (Tenable, Rapid7, Wiz, Prisma Cloud, ServiceNow VR).
• Experience building automation pipelines or integrations via API (Python, PowerShell, Bash, JSON).
• Familiarity with risk-based vulnerability management (RBVM) concepts and reporting models.
• Understanding of cloud security (AWS, GCP, Azure) and container environments (Docker, Kubernetes).
• Proven ability to collaborate across DevOps, Threat Intel, and Incident Response teams.
• Bachelor’s degree in Computer Science, Cybersecurity, or related field.

Nice To Haves

• Prior experience in a SaaS or cybersecurity platform company.
• Familiarity with Armis Centrix™, asset intelligence, or attack surface management tools.
• Experience building or managing ServiceNow VR modules or similar vulnerability tracking workflows.
• Certifications such as CISSP, GCCC, CEH, CySA+, or GIAC GVP.
• Experience integrating vulnerability and detection telemetry into SIEM/SOAR workflows.

Responsibilities

• Lead and evolve Armis’ Vulnerability Management, Detection, and Response (VMDR) program across hybrid environments (cloud, SaaS, on-prem).
• Operate and optimize vulnerability detection tools (e.g., Tenable, Qualys, Rapid7, Wiz, Prisma Cloud, ServiceNow VR).
• Integrate vulnerability data with threat intelligence and detection pipelines for risk-based prioritization.
• Develop automated playbooks for vulnerability validation, alert correlation, and remediation tracking using Python, PowerShell, or REST APIs.
• Correlate vulnerability data with real-time detections (SIEM/SOAR) to improve exploitability insights.
• Create dashboards and KPIs for exposure trends, SLA adherence, and MTTR metrics in Splunk, Power BI, or Elastic.
• Partner with Security Engineering, CloudOps, and Product teams to ensure secure configuration and timely patching.
• Support incident response investigations where vulnerabilities are exploited or suspected.
• Maintain compliance alignment for ISO 27001, SOC 2, and FedRAMP control mappings.
• Author VMDR runbooks, response SOPs, and executive risk reports summarizing key exposures and trends.
• Participate in threat-hunting and red/blue team activities to validate vulnerability detection coverage.

Benefits

• The salary range listed does not include other forms of compensation or benefits (e.g. i.e. bonuses, commissions, stocks, health insurance benefits, etc.) offered to candidates.
• Visit our careers site for more information on benefits at Armis