Distinguished Engineer, Exposure Management
Listed on 2026-07-09
-
IT/Tech
AI Business & Operations, AI Evaluation
Job Summary
Serves as the senior technical leader and strategist for Exposure Management, setting the architectural direction for how the enterprise scopes, discovers, prioritizes, validates, and mobilizes remediation of vulnerabilities, misconfigurations, and other exploitable weaknesses across IT, cloud, SaaS, identity, and OT/medical-device estates. Leads the transformation of exposure management from batch-oriented, ticket-driven, human-mediated workflows with multi-week SLAs to a continuous, near real‑time, threat-informed Continuous Threat Exposure Management (CTEM) capability.
Owns the end‑to‑end data architecture that the program depends on— the canonical data model, asset and identity graph, ingestion and normalization patterns, data contracts, lineage, and quality/SLA controls that unify a complex set of telemetry and business‑context sources. Designs and delivers automation, machine learning, and GenAI capabilities that accelerate exposure discovery, prioritization, validation, remediation, and incident response while materially reducing manual work and operating cost.
Brings the attacker’s perspective into prioritization and validation—integrating threat intelligence, attack surface management, and adversarial exposure validation—so the program acts on real, exploitable attack paths to critical business assets and PHI rather than solely on CVE lists. Collaborates with Cyber‑defense and Vulnerability Management team members to develop strategic responses to emerging threat and vulnerability events, driving rapid, automated impact assessment and mobilization in hours rather than days or weeks.
Contributes to the design of outcome‑based exposure metrics and reporting frameworks that translate technical exposure data into business‑aligned risk outcomes for executive audiences and that meet evolving regulatory and disclosure expectations. Operates as a trusted bridge between deeply technical security teams and business stakeholders, influencing strategy, investment, and execution across organizational boundaries without relying on direct authority.
PrimaryJob Duties & Responsibilities
- Lead the strategic transformation of exposure management from batch‑oriented, ticket‑driven, human‑mediated workflows to a continuous, near real‑time, machine‑speed model—re‑architecting the end‑to‑end pipeline (scoping, discovery, prioritization, validation, mobilization) so that exposures are detected, validated, prioritized, and routed for remediation without manual intervention wherever safe to do so.
- Design and deliver automation, ML, and GenAI capabilities that accelerate exposure discovery, prioritization, validation, remediation, and incident response— including LLM‑assisted triage, exposure summarization, remediation guidance, detection engineering, and threat‑intel synthesis— and that materially reduce manual work and operating cost.
- Own the end‑to‑end data architecture for exposure management—defining the canonical data model, asset and identity graph, ingestion and normalization patterns, data contracts, lineage, retention, and access controls across telemetry and business‑context sources—so downstream automation, prioritization, ML, and reporting are built on trustworthy, timely, and SLA‑bound data.
- Architect a unified exposure view across vulnerability scanning and CTI tooling—using attack‑graph and identity/asset relationship analysis to surface toxic combinations and exploitable paths to critical assets, PHI, and payment data—and to drive attack‑path‑based prioritization in place of CVE‑list‑based prioritization.
- Define the outcome‑based exposure metrics framework—including validated exposure count, attack‑path reduction, MTTR for validated findings, coverage %, validation success rate, automation rate, and risk reduction rate—and the executive and regulatory reporting that translates them into business risk and disclosure narrative; accountable for ensuring metrics can be accurately computed and delivered within SLA.
- Build the cross‑team remediation operating model and the automated mobilization layer (ticketing, workflow, change, patch, and IaC integration) that drives adoption of exposure…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).