Sr. Security Engineer - Vulnerability Operations

Our Mission: 6sense's mission is to multiply what matters: growth, retention, and efficiency. We envision a future where companies, teams and people reach their full potential. Our People: People are the heart and soul of 6sense. We serve with passion and purpose. We live by our Being 6sense values of Win as One Team, Stay Curious, Do The Right Thing, Own the Outcome, and Create Belonging. Every 6sensor plays a part in defining the future of our industry-leading technology. 6sense is a place where difference-makers roll up their sleeves, take risks, act with integrity, and measure success by the value we create for our customers. We want 6sense to be the best chapter of your career. Purpose of the Job : As members of 6sense’s Security department, the Security Engineering team protects the platform across application, infrastructure, and cloud domains. The Vulnerability Operations function ensures that vulnerabilities are identified, triaged, validated, and remediated in a consistent, timely, and risk‑based manner. Senior Security Engineers work closely with Engineering, CloudOps, Product, and GRC teams to operationalize vulnerability management processes, build automation, standardize workflows, and ensure secure-by-default practices. Responsibilities Accountabilities : Ensure vulnerability management tools (e.g., Wiz, Invicti, Rapid7, GHAS, Ox) are correctly configured for appropriate coverage and accurate detection. Perform hands-on triage, validation, and root cause analysis of vulnerabilities across AppSec, InfraSec, and CloudSec. Track and report vulnerability status against SLAs, escalating to engineering owners as needed. Build and maintain dashboards, filters, reports, and triage scripts to support visibility and automation. Assist engineering teams in reproducing and remediating vulnerabilities, providing actionable guidance. Support the bug bounty program operations (not ownership), including validation and coordination with engineering teams. Conduct security reviews and threat modeling for high-risk systems or changes. Participate in initiatives that holistically address systemic or multi‑domain vulnerabilities. Contribute to development of automated security testing pipelines for validation of fixes. Participate in on-call or off‑hours incident response related to critical vulnerabilities and time‑sensitive patches. Contribute to quarterly OKRs and security engineering roadmap initiatives. Performance Measurement : Understands 6sense’s product, architecture, cloud footprint, and environment in depth. Takes ownership of vulnerability triage and prioritization while escalating where required. Proactively identifies and escalates AI/ML‑related vulnerabilities or misconfigurations in systems integrating LLMs or automated decisioning. Meets tight deadlines and SLAs for vulnerability response and validation. Maintains accurate and up-to-date triage scripts, documentation, dashboards, and workflows. Participates in weekly 1:1s and skip levels; provides clear progress updates. Supports security engineers and development teams with accurate, actionable analysis. Effectively participates in incident response and post‑incident remediation. Educational and Experience Requirements : 5+ years of experience in security engineering across vulnerability management, AppSec, CloudSec, or InfraSec. Experience with vulnerability tools (e.g., Wiz, Rapid7, Invicti, GHAS, SAST/DAST) and triage workflows. Understanding of cloud security (AWS preferred) and modern microservices architectures. Experience identifying and mitigating AI/ML‑related security risks, including model abuse, prompt‑injection vulnerabilities, and risks introduced by LLM‑based features. Experience with scripting/automation (Python, Bash, JavaScript, etc.). Experience working directly with engineering teams to address vulnerabilities. Familiarity with frameworks such as OWASP, NIST, CIS Benchmarks, MITRE ATTCK. Experience with IaC ... (truncated, view full listing at source)