Vulnerability Analyst

xAI•Palo Alto, CA

About The Position

xAI’s mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company’s mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the team: The Vulnerability Management team is responsible for assessing and mitigating security risks across our portfolio. This role will focus on vulnerability analysis and risk assessment, ensuring the organization is well-protected against emerging threats. The ideal candidate will have deep expertise in vulnerability scoring, data analysis, and automation. In this role, you’ll be responsible for evaluating vulnerabilities and determining their impact based on industry standards. You’ll work closely with cross-functional teams to improve security posture and integrate best practices.

Requirements

Mastery of CVSS and its environmental processing.
Expertise in Python for security data manipulation.
Strong understanding of vulnerability impact, risk assessment, and mitigation strategies.
Proficiency with MITRE ATT&CK framework for security analysis.
Experience creating dashboard-based reports to communicate security findings.
Excellent communication and stakeholder management skills.

Nice To Haves

Experience with Elastic/OpenSearch.
Familiarity with Kibana/Grafana dashboarding.
Development of security automation playbooks.

Responsibilities

Conducting vulnerability assessments using the CVSS standard as defined by First.org.
Understanding and implementing vector strings and vector chaining for risk evaluation.
Performing data analysis to assess security risks across the organization.
Identifying vulnerability reachability and impact to prioritize security responses.
Writing Python scripts to manage and manipulate data from sources such as CSV, Excel, JSON, and RESTful APIs.
Applying MITRE ATT&CK framework for attack path analysis.
Creating data reporting solutions, including simple dashboards.
Engaging with stakeholders across the organization to ensure security buy-in.
Demonstrating strong critical analysis, problem-solving, and security expertise.

Benefits

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume