GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Overview GuidePoint Security is seeking an Exposure Management Engineer to support and scale our Exposure Management operations services. This role focuses on the day-to-day operation, optimization, and automation of security platforms including vulnerability management, CAASM, and CNAPP tools. The engineer will work closely with senior security engineers and client teams to help operationalize exposure management programs, manage platform findings, and improve remediation workflows. This position is ideal for someone who enjoys working hands-on with security tools, solving operational problems, and building automation to improve security programs at scale. Key Responsibilities Platform Operations - Operate and maintain security platforms including vulnerability management, CAASM, and CNAPP tools - Monitor security findings and support prioritization and remediation workflows - Assist in platform tuning, configuration optimization, and integration with client environments - Support onboarding of new assets, applications, and cloud environments into security platforms Exposure Management Operations - Review exposure findings and assist with prioritization and remediation tracking - Help manage remediation workflows with client engineering teams - Generate operational dashboards and reporting for security leadership - Assist in maintaining asset inventory coverage and scanning accuracy CNAPP & Cloud Security Support - Assist with the operation and optimization of CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca) - Support cloud posture monitoring and exposure analysis - Assist with investigation of cloud misconfigurations, identity exposures, and attack paths - Work with senior engineers to onboard new cloud environments Automation & Integrations - Develop scripts and automation to improve security workflows - Build integrations between security tools and ticketing systems - Automate reporting, vulnerability triage, and remediation tracking - Use APIs and automation frameworks to reduce manual operational effort Client Engagement - Participate in regular operational cadence meetings with clients - Provide updates on platform findings and remediation progress - Assist senior engineers in troubleshooting security platform issues - Contribute to documentation and operational playbooks Required Qualifications - 3+ years of experience in cybersecurity engineering - Exposure management or risk-based vulnerability management experience - Familiarity with vulnerability management, exposure management, or CNAPP platforms such as Tenable, Qualys, Rapid7, Wiz, Axonius, or similar tools - Scripting experience (Python, PowerShell, or similar) - Experience working with APIs or automating workflows - Understanding of security fundamentals: vulnerabilities, misconfigurations, identity and access control, security monitoring - Strong communication skills and ability to work with engineering teams Preferred Qualifications - Experience with CNAPP platforms such as: Wiz, Prisma Cloud, Orca, Lacework - Experience with cloud platforms: AWS, Azure, GCP - Familiarity with container security and Kubernetes - Experience integrating security tools with ticketing platforms (Jira, ServiceNow) - Experience using AI-assisted tools (LLMs, copilots, or agent frameworks) to accelerate scripting, analysis, and security operations workflows Ideal Candidate Profile The ideal candidate is someone who: - Enjoys working hands-on with security platforms - Likes solving operational and workflow challenges - Naturally looks for opportunities to automate repetitive tasks and improve workflows using scripting, APIs, or AI tools - Can operate independently but collaborates well with clients and engineers This role provides exposure to a wide range of security programs and technologies and offers strong growth into cloud security, exposure management architecture, and security automation. We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application. Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers. Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation. Some added perks…. - Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) - Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options) - Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans - 12 corporate holidays and a Flexible Time Off (FTO) program - Healthy mobile phone and home internet allowance - Eligibility for retirement plan after 2 months at open enrollment - Pet Benefit Option

• Own the evolution and governance of product security architecture for specific services within our SaaS platform. • Drive multi-quarter initiatives that measurably reduce systemic risk while aligning security investments with business growth. • Lead secure design reviews, threat modeling, and architecture assessments for critical features and integrate robust security controls into distributed systems, APIs, and containerized environments. • Identify recurring architectural risk patterns and lead efforts to remediate them at scale, providing leadership during security incidents and post-incident reviews. • Influence product direction through technical credibility and sound judgment by framing security discussions in terms of business and customer impact. • Produce durable documentation—including architecture guidance, threat models, and decision records that scale security knowledge across the organization.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are seeking a highly skilled and motivated Senior Software Engineer | Security with a strong software and detection engineering background to join our Detection Engineering (DE) team and help expand ExtraHop’s industry leading detection coverage. An ideal candidate will have strong software engineering, networking, and cybersecurity fundamentals. This position works closely with security researchers and data scientists to develop cutting edge network threat detections that leverage rule-based network observations as well as ML-powered anomaly detections. As a Senior Software Engineer | Security, you will be working as part of a team dedicated to delivering industry leading detection capabilities. You will be expected to work with a high level of autonomy, to mentor other team members, and to demonstrate a high level of ownership of your areas of responsibility. ExtraHop offers an exciting, high-energy, and versatile environment in which people are encouraged and supported to collaborate on industry-leading technology and create a world-class engineering team while they develop and enrich their individual growth. ExtraHop R&D supports fully-flexible work options that include full-time onsite, hybrid, and fully remote working arrangements. Key Responsibilities - Develop network threat detectors by leveraging rule-based and ML-based detection strategies. - Reproduce attacks in a lab environment using live tools and recorded PCAP traffic, and perform threat hunts on aggregated log data, in order to identify malicious behaviors and develop techniques to detect them. - Collaborate with Threat Research and Data Science teams to gain insight on attacker techniques and take advantage of the latest machine learning models to detect attacker behavior. - Work with infrastructure teams to help develop and improve tools that Detection Engineering and Threat Research teams use in developing and testing detections. - Mentor and coach other Security Engineers regarding detector development and network threats. - Actively participate in code review to ensure quality and uplevel other engineers. Qualifications - 7+ years of experience in software engineering. - Solid knowledge of Javascript and Python. - In-depth knowledge of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7. - Experience developing solutions using cloud-native technologies. - Self-starter with a strong problem-solving track record and ability to grow and learn. - Excellent teammate and collaborator who can iterate on problems quickly. - Proficient at communication in both spoken and written forms, including documentation. Preferred Qualifications - Experience working with network packet-level data using tools like Wireshark, tshark, tcpdump, tcprewrite, and Scapy to directly interact with this data. - Knowledge of cloud and on-premise cybersecurity threat models - attacker behavior, tools, techniques, and practices. Ability to translate this knowledge into user-facing threat detections. Benefits - Health, Dental, and Vision Benefits. - Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time. - Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan. - FSA and Dependent Care Accounts + EAP, where applicable. - Educational Reimbursement. - 401k with Employer Match or Pension where applicable. - Pet Insurance (US Only). - Parental Leave (US Only). - Hybrid and Remote Work Model.

Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve. Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture. Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers. We are seeking a proven Director of Application Security to build and lead our Application Security program across R&D. This role will partner directly with Product and Engineering leadership to embed security into our development lifecycle, strengthen our tooling and processes, and ensure our applications are secure at scale. The ideal candidate has experience standing up or maturing an application security function within a high-growth software organization. You are comfortable operating at both a strategic and hands-on level, and you know how to collaborate effectively with engineering teams to deliver results. What You’ll Do - Build and lead the Application Security function across R&D - Integrate security into CI/CD pipelines and day-to-day development workflows - Drive the implementation and optimization of AppSec tooling (including Snyk) - Develop and maintain security standards, policies, and frameworks - Lead threat modeling, risk assessments, and design reviews - Partner with Engineering leaders to drive secure coding practices - Build and report on measurable security KPIs - Clearly communicate how initiatives will be executed and implemented - Mentor and grow AppSec capability as the program scales What You Bring - 8+ years of experience in Application Security or Security Engineering - Experience building or maturing an AppSec program - Strong understanding of CI/CD and DevSecOps practices - Hands-on experience with modern application security tooling - Proven ability to influence and partner with R&D leaders - Strong communication skills with the ability to simplify complex topics - Leadership or team-building experience preferred Bonus Points - SaaS or cybersecurity industry experience - Relevant certifications (CISSP, CSSLP, etc.) - Experience in high-growth or global environments Base Salary Range: $190,000 – $226,000 (plus bonus and benefits) Join the Kaseya growth rocket ship and see how we are #ChangingLives ! Additional information Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.