Exposure Management Engineer - Northeast region (Remote)

Overview

GuidePoint Security is seeking an Exposure Management Engineer to support and scale our Exposure Management operations services. This role focuses on the day-to-day operation, optimization, and automation of security platforms including vulnerability management, CAASM, and CNAPP tools. The engineer will work closely with senior security engineers and client teams to help operationalize exposure management programs, manage platform findings, and improve remediation workflows. This position is ideal for someone who enjoys working hands-on with security tools, solving operational problems, and building automation to improve security programs at scale.

Key Responsibilities

Platform Operations

• Operate and maintain security platforms including vulnerability management, CAASM, and CNAPP tools
• Monitor security findings and support prioritization and remediation workflows
• Assist in platform tuning, configuration optimization, and integration with client environments
• Support Embraces of new assets, applications, and cloud environments into security platforms

Exposure Management Operations

• Review exposure findings and assist with prioritization and remediation tracking
• Help manage remediation workflows with client engineering teams
• Generate operational dashboards and reporting for security leadership
• Assist in maintaining asset inventory coverage and scanning accuracy

CNAPP & Cloud Security Support

• Assist with the operation and optimization of CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca)
• Support cloud posture monitoring and exposure analysis
• Assist with investigation of cloud misconfigurations, identity exposures, and attack paths
• Work with senior engineers to onboard new cloud environments

Automation & Integrations

• Develop scripts and automation to improve security workflows
• Build integrations between security tools and ticketing systems
• Automate reporting, vulnerability triage, and remediation tracking
• Use APIs and automation frameworks to reduce manual operational effort

Client Engagement

• Participate in regular operational cadence meetings with clients
• Provide updates on platform findings and remediation progress
• Assist senior engineers in troubleshooting security platform issues
• Contribute to documentation and operational playbooks

Required Qualifications

• 3+ years of experience in cybersecurity engineering
• Exposure management or risk-based vulnerability management experience
• Familiarity with vulnerability management, exposure management, or CNAPP platforms such as Tenable, Qualys, Rapid7, Wiz, Axonius, or similar tools
• Scripting experience (Python, PowerShell, or similar)
• Experience working with APIs or automating workflows
• Understanding of security fundamentals: vulnerabilities, misconfigurations, identity and access control, security monitoring
• Strong communication skills and ability to work with engineering teams
• Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes

Preferred Qualifications

• Experience with CNAPP platforms such as: Wiz, Prisma Cloud, Orca, Lacework
• Experience with cloud platforms: AWS, Azure, GCP
• Familiarity with container security and Kubernetes
• Experience integrating security tools with ticketing platforms (Jira, ServiceNow)
• Experience using AI-assisted tools (LLMs, copilots, or agent frameworks) to accelerate scripting, analysis, and security operations workflows

Ideal Candidate Profile

The ideal candidate is someone who:

• Enjoys working hands-on with security platforms
• Likes solving operational and workflow challenges
• Naturally looks for opportunities to automate repetitive tasks and improve workflows using scripting, APIs, or AI tools
• Can operate independently but collaborates well with clients and engineers

This role provides exposure to a wide range of security programs and technologies and offers strong growth into cloud security, exposure management architecture, and security automation.