Cybersecurity Attack Surface Management Team Lead SailPoint is seeking an Attack Surface Management (ASM) Team Lead to lead the technical strategy and execution of our enterprise-wide ASM program. As a critical member of our Vulnerability Management team, you will be our foremost expert dedicated to mapping, analyzing, and reducing our digital footprint. This is a senior, hands-on technical role for an analyst who wants to drive the cultural and technical shift from reactive vulnerability management to proactive, threat-informed exposure management. You will join a growing and capable team of both emerging and established talent. At SailPoint, we value our "4 I's" (Integrity, Individuals, Impact, and Innovation), and we're looking for someone who embodies these principles. By being your authentic self, you will be a positive and influential contributor to our already fantastic work culture. This is a challenging and high-impact role where you will have the opportunity to build strong partnerships with colleagues across IT, DevOps, Product Engineering, Security Architecture, and our Cyber Defense Operations Center. This role is remote and reports directly to the Head of Vulnerability Management. What You'll Do (Core Responsibilities): Own the Attack Surface Map: - Architect, implement, and operate our ASM program to create and maintain a definitive, real-time inventory of all external and internal digital assets (e.g., domains, IPs, cloud resources, code repositories, SaaS exposures). - Proactively hunt for and illuminate "Shadow IT" and other unknown assets, ensuring they are brought under the governance of our security framework. ​Drive Risk-Based Prioritization: - Serve as the primary liaison between ASM and our Threat Intelligence, Red Team, and Vulnerability Management functions. - Synthesize data from ASM tools, threat feeds, and offensive security findings to transform raw exposure data into a prioritized, actionable risk plan. Focus the organization on the vulnerabilities that matter most. Lead the Remediation Lifecycle: - Act as the technical lead for remediating complex, cross-functional exposures. You will track remediation progress, define and monitor SLAs, and act as a subject matter expert to help asset owners understand and fix identified issues. Automate and Integrate: - Develop scripts and integrations (primarily in Python) to connect ASM data with our broader security ecosystem (e.g., CMDB, SIEM, SOAR). - Continuously seek out and implement opportunities to automate discovery, enrichment, and reporting to improve program efficiency and reduce analyst toil. Mentor and Influence: - Provide technical guidance and mentorship to other analysts on the team, elevating the overall skill set of the group. - Translate complex technical findings into clear, concise reports and presentations for technical peers, stakeholders, and executive leadership. What You'll Need (Must-Have Experience & Skills): - 7+ years in Cybersecurity, with 3+ years in a senior, hands-on role focused specifically on Attack Surface Management (EASM/CAASM), Threat Intelligence, or Offensive Security. - Expert-level, hands-on experience with modern ASM platforms and vulnerability scanners (e.g., CrowdStrike, Tenable, Qualys, CyCognito etc). - Demonstrable proficiency in a scripting language (Python strongly preferred) used for API integration, data analysis, and automation. You should be able to provide examples of past automation projects. - Deep technical understanding of the internet ecosystem: TCP/IP, DNS, TLS/SSL certificate management, domain registration, and BGP. - Strong familiarity and experience with modern cloud environments (AWS, Azure, GCP), including knowledge of common services, configurations, and associated attack vectors. What Will Set You Apart (Bonus Points): - Experience with Breach and Attack Simulation (BAS) platforms. - A background in penetration testing, red teaming, threat intelligence, or threat hunting. - Experience building and presenting executive-level dashboards that track ASM KPIs and demonstrate ROI. - Relevant certifications such as AWS CCP, CEH, GPEN, OSCP etc. - Contributions to the security community (e.g., open-source tools, conference talks, blog posts). Leadership Qualities for This Role: - Pragmatic & Results-Oriented: You make informed, risk-based decisions that balance business priorities with security needs to achieve measurable outcomes. - Influence & Collaboration: You have a proven ability to build strong, collaborative relationships across diverse technical teams and drive change without direct authority. - An Analytical & Investigative Mindset: You possess an innate curiosity and a structured approach to problem-solving, with a talent for turning ambiguous data into a clear action plan. - Clear Communicator: You can distill complex technical concepts into clear, concise language for a variety of audiences, from junior analysts to senior executives. Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint. As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint’s differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD): $104,800 - $176,646.00Base salaries for employees based in other locations are competitive for the employee’s home location. Benefits Overview 1. Health and wellness coverage: Medical, dental, and vision insurance 2. Disability coverage: Short-term and long-term disability 3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D) 4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children 5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account 6. Financial security: 401(k) Savings and Investment Plan with company matching 7. Time off benefits: Flexible vacation policy 8. Holidays: 8 paid holidays annually 9. Sick leave 10. Parental support: Paid parental leave 11. Employee Assistance Program (EAP) and Care Counselors 12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options 13. Health Savings Account (HSA) with employer contribution SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law. Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.