VulnCheck · 2 weeks ago
Sr. Vulnerability Analyst (Maryland)
United States
Full-time
Remote
Senior LevelVulnCheck is a company that delivers next-generation exploit and vulnerability intelligence solutions. They are seeking a Senior Vulnerability Analyst to advance vulnerability analysis and threat intelligence, leveraging expertise in the CVE process and frameworks like MITRE ATT&CK and CVSS.
Artificial Intelligence (AI)Cyber SecurityInformation TechnologyNetwork Security
Responsibilities
Map vulnerabilities: Analyze and map discovered vulnerabilities to MITRE ATT&CK techniques and CAPEC attack patterns with precision and consistency
CWE assignment: Determine and assign accurate CWE (Common Weakness Enumeration) IDs, producing well-documented rationales
CVSS calculation: Authoritatively calculate CVSS v3/v4 base scores, providing transparent, defensible justifications
CVE Processing: Review, draft, and curate CVE Records, ensuring data quality, fidelity, and consistency with CVE Program standards
Collaboration: Liaise with vulnerability researchers, product security teams, and standards communities to ensure best practices and knowledge transfer
Process improvement: Develop and refine workflows and playbooks for vulnerability triage, mapping, and reporting
Mentorship: Share your expertise by mentoring junior analysts and driving team knowledge-sharing initiatives
Qualification
Required
Proven experience with the CVE Program—either as an analyst, CNA, or significant contributor in a major software or security organization
Expert knowledge of MITRE ATT&CK, CAPEC, CWE, and working experience mapping vulnerabilities to these frameworks
Advanced understanding of CVSS (v3 and v4), including real-world application to vulnerability scoring and risk communication
Strong analytical, technical, and research skills, with a passion for data quality and process rigor
Exceptional written and verbal communication skills—including the ability to translate complex technical details for diverse audiences
Experience engaging with community initiatives, standards bodies, or open-source projects in the vulnerability or threat intelligence space is highly desirable
Preferred
Experience contributing to the evolution of vulnerability standards (e.g., participation in CVE Editorial Boards, CAPEC Working Groups, or similar)
Familiarity with automation tools or programming/scripting languages (Python, Golang, etc.) for data enrichment or workflow improvement
Published research, whitepapers, or presentations in the field of vulnerability analysis, mapping, or threat intelligence
Benefits
Competitive compensation package.
Comprehensive, 100% company-paid medical, dental, and vision plans.
Flexible work arrangements with the option to work remotely.
Dynamic work environment with opportunities for growth and advancement.
Access to continuous learning and development programs.
Company
VulnCheck
VulnCheck delivers advanced cyber threat intelligence, offering exploit and vulnerability insights to help organizations stay secure.
Founded in 2021
51-200 employees
Funding
Current Stage
Growth StageTotal Funding
$19.95MKey Investors
Ten Eleven VenturesSorenson CapitalSorenson Ventures
2025-03-18Series A· $12M
2024-04-19Seed· $4.75M
2023-02-09Seed· $3.2M
Leadership Team
Anthony Bettini
Founder & CEO
Caitlin Condon
Vice President of Security Research
Recent News
2025-12-08
Best Endpoint Protection Security (EPP) Tools, Software, Solutions & Vendors
2025-11-23
Company data provided by crunchbase