Vulnerability Management Automation Engineer Jobs

Alkami is the digital sales and service platform provider for U.S. banks and credit unions. Our unified Platform integrates onboarding, digital banking, and data and marketing-each solution can stand alone, but together they deliver more-to help institutions onboard, engage, and grow relationships. As the future shifts toward Anticipatory Banking, we help data-informed bankers meet the moment with technology that drives action.
Founded in 2009, we continue to be recognized for our intentional culture and tremendous growth (Best Place to Work in Fintech; Best & Brightest to Work For Nationally; and Comparably's Best Company Culture, Best Career Growth, Best Engineering Team, and Best Places to Work in Dallas, among others). We're building a culture where each Alkamist can perform to their highest potential, and we're always on the lookout for the best and brightest minds. If you're ready to experience the power of alchemy - transforming the ordinary into the extraordinary - come join one of the fastest growing SaaS companies in the U.S.
As a remote-first company, most of our positions can be remote in the US, except for key roles, which will be indicated in the Job Title.
Follow us on Glassdoor and LinkedIn!
Alkami is hiring a Senior Security Engineer, Vulnerability Management to own and advance our enterprise vulnerability management program as a hands-on individual contributor, ensuring the protection of Alkami and its clients through proactive risk reduction.
This role will be responsible for maturing a scalable vulnerability management discipline by driving continuous improvement through AI-driven automation, metrics, risk-based prioritization, and cross-functional alignment.
In this role, you will partner closely with Security Architecture, Security Engineering, IT, SRE, Compliance, and engineering teams to ensure that vulnerabilities across infrastructure, applications, and cloud environments are identified, prioritized, communicated, and remediated effectively.
Your technical aptitude, operational rigor, and collaboration skills will help drive the program forward. This position is hands-on and requires strong execution, sound judgment, and the ability to influence outcomes across teams without direct people leadership responsibility.Key Responsibilities & Duties:
The Senior Security Engineer, Vulnerability Management will:

• Own and advance the enterprise vulnerability management lifecycle with a focus on scanning, triage, risk scoring, remediation tracking, validation, and continuous improvement.
• Leverage and modernize AI systems to automate patches and configuration changes, driving toward near real-time resolution of exploits.
• Optimize the vulnerability management platform and related tools, ensuring accurate, automated, and scalable coverage across infrastructure, applications, and cloud environments.
• Develop and deliver meaningful metrics and executive reporting to drive accountability, measure progress, and inform leadership on vulnerability posture and remediation performance.
• Communicate vulnerability status, remediation progress, and SLA performance through recurring updates and appropriate governance forums.
• Apply a risk-based prioritization model using CVSS, system criticality, threat intelligence, environmental context, and compensating controls to determine remediation urgency.
• Partner cross-functionally with the Red Team, IT, Engineering, SRE, Compliance, and service owners to identify, track, and mitigate risks tied to unsupported technologies, end-of-life systems, legacy services, and cloud-native vulnerabilities.
• Manage scanning exemptions and vulnerability exceptions, including documentation, business justification, review, remediation planning, and tracking through established processes.
• Help improve asset ownership, routing, and reporting coverage so vulnerability findings are consistently delivered to the correct teams and actioned effectively.
• Drive visibility and remediation of cloud misconfigurations, exposed services, over-permissioned identities, and other cloud-native risks in partnership with teams across the organization.
• Act as a technical leader in vulnerability risk management, influencing remediation strategies, prioritization decisions, and long-term technology lifecycle planning.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent practical experience).
• 8+ years of experience in cybersecurity with at least 3 years focused on vulnerability management, risk management, or related security functions. SaaS environment experience is required.
• Hands-on expertise with vulnerability management platforms (e.g., Wiz, Tenable, Qualys, Rapid7, Vulcan, Kenna).
• Strong knowledge of vulnerability scoring frameworks (CVSS), patch management processes, remediation SLAs, and risk-based prioritization.
• Strong understanding of operating systems (Windows, Linux, macOS), networking, and cloud platforms (AWS, Azure, GCP).
• Experience with cloud security tools and CSPM/CNAPP platforms such as Wiz, Prisma Cloud, or Orca.
• Demonstrated ability to track, prioritize, and mitigate risks in partnership with IT, Engineering, SRE, and Compliance teams.
• Excellent problem-solving, analytical, and communication skills with the ability to influence stakeholders at all levels.

Desired Skills:
• Experience with cloud security tools and CSPM/CNAPP platforms such as Wiz, Prisma Cloud, or Orca.
• Experience with container security and cloud-native environments (Docker, Kubernetes, serverless).
• Knowledge of security frameworks and regulatory standards (NIST CSF, PCI DSS, SOC 2, ISO 27001).
• Experience automating remediation workflows or integrating vulnerability data into ticketing systems (e.g., Jira, ServiceNow).
• Background in threat modeling, exposure management, and risk assessment beyond patching.
• Relevant certifications such as CISSP, CISM, OSCP, GIAC/GVMS, or cloud security certifications.
The salary range for this position is: $112,000 - $140,000
Cool Things to Know
Not Just Any Company: Alkami has an awesome diverse and inclusive environment. We have a FUN culture and offer great benefits, including remote-first environment, unlimited paid time off, 401(k) with employer match, and more.
Work Authorization: We cannot offer employment sponsorship at this time. Candidates must be eligible to work in the US for full-time employment.
Recruiters: We are not looking for outside recruiting firms to help us in this search. Thank you for understanding.
Pay Transparency: As of January 1, 2023, new states and locales have enacted pay equity laws that require more pay transparency by employers in the following states: California, Colorado (effective January 1, 2021), Connecticut, Maryland, Nevada, New Jersey, New York, Ohio, Rhode Island and Washington.
The Important Stuff
Alkami Technology is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: Alkami is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Alkami are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Alkami will not tolerate discrimination or harassment based on any of these characteristics. Alkami encourages applicants of all ages.
#LI-REMOTE