Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Vulnerability Management Analyst- AI Automation Security Researcher

UKG

Vulnerability Discovery & Security Research (40%) Conduct deep-dive source code audits of UKG products (Java, .NET, Python, JavaScript) to discover novel vulnerabilities — examples could be hardcoded secrets, authentication bypasses, injection flaws, cryptographic weaknesses, access control gaps, unsafe deserialization, etc. Develop working proof‑of‑concept exploits that demonstrate real impact — not theoretical risk, but provable exploitation with clear data exposure or access escalation. Perform variant analysis: when you find a bug, systematically search the entire codebase for every instance of the same root‑cause pattern. Triage and validate findings from automated scanners (SAST, DAST, SCA) — separate real vulnerabilities from false positives using source‑level analysis. Investigate and reproduce externally reported vulnerabilities (bug bounty, CVEs, vendor advisories) to assess actual exploitability in UKG's environment. Collaborate with engineering teams on remediation — not just filing tickets, but working with developers to design, validate fixes, and drive to remediation. Build AI‑assisted vulnerability discovery tools using automation (Claude, MCP servers, custom models, etc.) for automated source code analysis, vulnerability pattern matching, and exploit generation. Develop autonomous security scanning agents that can analyze codebases, identify vulnerability patterns, and produce validated findings with minimal human intervention. Build automated vulnerability lifecycle pipelines: intake from scanners, AI‑assisted triage and deduplication, intelligent ticket routing, SLA tracking, and remediation verification. Contribute to the team's shared automation repositories and Claude Code skills store — every tool you build should be reusable by the rest of the team. Support vulnerability management program metrics and dashboards — contribute to reporting that gives leadership real‑time visibility into risk posture. Support compliance‑driven vulnerability management requirements, including FedRAMP continuous monitoring and POA&M processes, as UKG expands into federal markets. Publish internal/external research on novel vulnerability classes, AI‑assisted discovery techniques, and lessons learned from audits. Stay current on emerging vulnerability classes, exploitation techniques, and defensive patterns relevant to UKG's technology stack. Mentor other team members on vulnerability research methodology, source code analysis, and AI‑augmented security tooling. Qualifications 7+ years of hands‑on experience in vulnerability research, application security, or penetration testing — with a track record of finding real vulnerabilities in production software. Demonstrated ability to read and audit source code in at least two of: Java, C#/.NET, Python, JavaScript/TypeScript, Go, C/C++. Experience developing working proof‑of‑concept exploits — not just scanning, but understanding root causes and proving exploitability. Strong proficiency in Python for building security tools, automation pipelines, and integrations. Experience with AI/ML tools for security — using LLMs for code analysis, building AI‑assisted security tooling, or developing autonomous security agents. Deep understanding of common vulnerability classes: injection (SQL, command, LDAP), broken authentication, cryptographic failures, SSRF, deserialization, path traversal, access control, and their variants. Experience with vulnerability management programs — triaging, tracking, and driving remediation of vulnerabilities across engineering organizations. Ability to work directly with development teams — explaining vulnerabilities, reviewing proposed fixes, and validating remediations. Excellent written communication — ability to produce clear vulnerability reports, technical documentation, and executive summaries. Bachelor's degree in Computer Science, Cybersecurity, or equivalent experience. Published CVEs, security advisories, or bug bounty findings in production software. Experience in SaaS/multi‑tenant environments processing sensitive data (HCM, payroll, healthcare, financial). Familiarity with SAST/DAST/SCA tooling and how to reduce false positive rates through source‑level validation. Experience with cloud security assessment (AWS, GCP, Azure) including container and Kubernetes vulnerability analysis. Familiarity with FedRAMP, NIST SP 800‑53, or federal compliance frameworks — enough to understand vulnerability remediation timelines and reporting requirements in regulated environments. Security certifications that demonstrate hands‑on skill: OSCP, OSWE, GWAPT, GXPN, BSCP, or equivalent. Conference presentations, published research, or open‑source security tool contributions. Experience with reverse engineering, binary analysis, or firmware security. #J-18808-Ljbffr UKG

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Staff Vulnerability Management Analyst- AI Automation Security Researcher in Boston, MA vacancy
  • UKG based in Boston, Massachusetts seeks a skilled professional in vulnerability discovery and security research. The role involves conducting source code audits across various programming languages to uncover vulnerabilities and collaborating closely with engineering teams... 
    Suggested

    UKG

    Boston, MA
    1 day ago
  • A leading marketing automation platform in Boston is looking for a Senior Security Engineer to enhance its security observability capabilities. The role involves building...  ...systems for detection and response, developing AI-first security solutions, and responding to... 
    Suggested

    Klaviyo Inc.

    Boston, MA
    4 days ago
  • WHOOP is seeking a Staff Machine Learning Engineer in Boston to drive the research, development, and deployment of large-scale multimodal models. The role requires advanced expertise in machine learning and deep learning, with responsibilities including designing models... 
    Suggested

    Femtech Insider Ltd.

    Boston, MA
    3 days ago
  • $215k - $260k

     ...healthier choices and peak performance. We are seeking a Staff Machine Learning Engineer to join our Foundation AI team. This team builds the multimodal foundation...  ...as a senior individual contributor driving the research, development, and deployment of large-scale... 
    Suggested
    Full time
    Work at office
    Relocation

    Femtech Insider Ltd.

    Boston, MA
    2 days ago
  • $40 per hour

    A cybersecurity technology company is seeking experienced cybersecurity professionals to join their team remotely. You will assess AI-generated content and solve complex cybersecurity challenges, contributing to the improvement of AI models. Candidates should have over... 
    Suggested
    Remote job
    Hourly pay

    DataAnnotation

    Boston, MA
    2 days ago
  • $40 per hour

    A cybersecurity company is seeking experienced professionals for a role that involves evaluating AI-generated security content and solving technical problems to improve AI systems. Candidates should have at least 2 years of experience in cybersecurity, writing skills, and... 
    Remote job
    Hourly pay
    Flexible hours

    DataAnnotation

    Boston, MA
    5 days ago
  • $180k - $200k

     ...help organizations move AI out of experimentation...  ...system for autonomous vulnerability discovery, exploit...  ...reverse engineering, and security reporting. You’ll...  ...and turn exploratory research into repeatable security...  ...and comfort building automation around security tools... 

    Lazarus

    Boston, MA
    1 day ago
  • A technology consultancy is seeking experienced cybersecurity professionals to evaluate AI-generated security content and solve technical problems. The role requires 2+ years of hands-on cybersecurity experience and offers remote flexibility across several countries. Candidates... 
    Remote job
    Flexible hours

    DataAnnotation

    Boston, MA
    2 days ago
  • $180k - $240k

     ...Lead Security Engineer Boston or Bay Area, hybrid preferred...  ...Us Liberate builds AI agents to automate manual tasks for the $2.7T...  ...including secrets handling, key management patterns, and blast radius...  ...Incident Readiness And Vulnerability Management Lead product... 
    Work at office
    Shift work

    Liberate

    Boston, MA
    3 days ago
  • $120k - $180k

     ...creators to own their destiny. Our AI-first B2C CRM platform...  ...exciting opportunity within the Security Trust and Risk (STAR) team...  ...problems using technology, embrace automation and AI, and support Klaviyo's...  ...flow efficiently into risk management workflows Implement and... 

    Klaviyo Inc.

    Boston, MA
    4 days ago
  • The Massachusetts Institute of Technology (MIT) seeks a Postdoctoral Research Associate to support research on real-world driving behavior and automation using multimodal data. This role involves collaboration with senior researchers, developing data extraction and analysis... 

    Massachusetts Institute of Technology (MIT)

    Cambridge, MA
    2 days ago
  • $160k - $195k

     ...Vulnerability Management Data Analyst Princeton NJ or Berwyn PA or Clifton, NJ or Austin, TX or Atlanta,...  ...for: Use your understanding of Security Data Science and Graph Theory to...  ...mathematical modeling techniques to research and understand behaviors and interactions... 
    Full time
    Work at office

    Syntricate Technologies

    Boston, MA
    4 days ago
  • Klaviyo Inc. is seeking a highly motivated Senior Security Compliance Engineer to join our Security Trust &...  ...Compliance team. This individual will design and optimize automated solutions to enhance compliance operations and manage risks across all systems. The ideal candidate has... 

    Klaviyo Inc.

    Boston, MA
    4 days ago
  • $192k - $278k

     ...productivity without compromising security by ensuring every...  ...enterprise password manager and pioneered Unified...  ...for the way people and AI agents work today. As one...  ...We're looking for a Staff Security Engineer to found...  ...Strong scripting and automation skills in Python, Bash,... 
    Currently hiring
    Local area
    Remote work
    Work from home

    1password

    Boston, MA
    29 days ago
  • Hopper is seeking a Senior Security Engineer to lead security tooling and automation. In this role, you will enhance our vulnerability management program and integrate security into CI/CD processes. The ideal candidate has 5+ years of engineering experience, expertise... 
    Shift work

    Hopper

    Boston, MA
    4 days ago
  • A technology company is seeking experienced cybersecurity professionals to evaluate AI-generated security content and solve technical problems to train AI systems. You will work remotely and enjoy a flexible schedule while helping shape the future of AI technologies for... 
    Remote job
    Hourly pay
    Flexible hours

    DataAnnotation

    Boston, MA
    3 days ago
  • $215k - $260k

     ...understanding of their bodies, behaviors, and daily lives, WHOOP empowers healthier choices and peak performance. We are seeking a Staff AI/ML Researcher to join our Foundation AI team. This team builds the multimodal foundation models that underpin WHOOP’s next generation of... 
    Full time
    Work at office
    Relocation

    Whoop

    Boston, MA
    3 days ago
  • $184k - $223k

    Obsidian Security is seeking a Staff Product Manager for AI Governance & Supply Chain Integration Risk. The role involves leading product strategy and execution, focusing on reducing third-party risk and making AI governance understandable. Candidates should have over... 

    Obsidian Security

    Boston, MA
    3 days ago
  • $95k - $105k

     ...Engineer in Test (SDET) and help shape the automation platforms that product development teams...  ...and operate solutions that help clients manage data, automate processes, and scale their...  ...teams can self-serve effectively. Use AI-assisted tooling to accelerate development... 
    Ongoing contract
    Internship

    Blue Prism Group

    Boston, MA
    4 days ago
  • $172k - $236.5k

     ...combines analog, digital, AI, and software...  ...drive advancements in automation and robotics, mobility,...  ...Bringing together engineers, research scientists, and business...  ...short.We are seeking a Staff Research Scientist, AI-...  ...Bureau of Industry and Security and/or the U.S. Department... 
    Permanent employment
    Work at office
    Day shift

    Analog Devices

    Boston, MA
    3 days ago
  • $121.4k - $218.6k

     ...hardware and software used. We build automation infrastructure for...  ...development Have experience in managing and troubleshooting Juniper or...  ...world work faster and stay more secure, making the internet a better...  ...moments without a glitch. AI : Enabling our customers to build... 
    Work experience placement
    Work at office
    Worldwide

    Akamai

    Cambridge, MA
    5 days ago
  • $140k - $180k

     ...Principal Security Engineer The Principal Security Engineer role...  ...of due diligence, discovery, vulnerability remediation, integration strategy...  ...Understanding of Generative AI and Agentic principles ~...  ...knowledge of identity and access management best practices, current... 
    Full time
    Local area
    Monday to Friday
    Flexible hours
    Shift work

    Citizens Financial Group, Inc.

    Boston, MA
    3 days ago
  • $141.6k - $212.4k

    Senior Security Engineer - Detection and Response IT & Security At Klaviyo, we...  ...for detection and response Develop AI-first security systems to automate detection and response operations...  ...skills Team player with a strong, self-managing work ethic We use Covey as part of... 

    Klaviyo

    Boston, MA
    4 days ago
  • About the Role Hopper's Security team is small by design and consequential...  ..., you'll own the tooling, automation, and processes that keep...  ...code, ship tools, and use AI as a core part of how you...  ...like Own and evolve our vulnerability management program with a focus on... 
    Work from home
    Shift work

    Hopper

    Boston, MA
    4 days ago
  • $130k - $170k

     ...medical technology company using AI to help clinicians make more...  ...and strokes! You are a security engineer who likes being close...  ...including fluency in common vulnerability classes (OWASP Top 10 and beyond...  ...or a similar language for automation. Strong communication and a... 
    Work at office
    Remote work
    Flexible hours

    eLucid

    Boston, MA
    5 days ago
  •  ...on for policy administration, client management, analytics, billing, and more. This company...  ...invested in AWS infrastructure, security, automation and scalability to support insurance...  ...image builds Prior experience in vulnerability management and incident/threat... 
    Full time
    Contract work
    Temporary work
    Remote work
    Worldwide
    Flexible hours

    Motion Recruitment

    Boston, MA
    3 days ago
  • $114.48k - $170.07k

     ...AI Security Architect Together we fight for everyone's opportunity for a better financial...  ...governance frameworks, guardrails, and risk management practices aligned with enterprise...  ...Leadership Develop, motivate and direct staff to create a team environment, and enable... 
    Part time
    Work experience placement
    Local area
    Flexible hours

    Voya Financial

    Boston, MA
    4 days ago
  •  ...provides a data and AI platform that...  ...to control risk, manage costs and scale efficiently...  ...built in such as security, compliance...  ...Summary As a Staff Security Engineer...  ...initiatives, build automation and tooling that multiplies...  ..., drive vulnerability disclosure investigations... 
    Remote work

    EDB

    Boston, MA
    2 days ago
  •  ...scale robotics software testing organization. Define our overall test strategy, frameworks, and leveraging AI tools and AWS cloud CI/CD pipelines to accelerate automation. Primary Responsibilities: Strategy & Leadership: Assess complex requirements to... 
    Permanent employment
    Full time

    Apolis

    Boston, MA
    1 day ago
  • $100k

     ...services, and learning management solutions to education...  ...product and UX researcher who turns questions into...  ...standards, and a modern AI layer that lets a small...  ...days alongside teachers, staff, administrators,...  ...— building agents or automating parts of the research... 
    Temporary work
    Local area

    Nelnet

    Boston, MA
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Vulnerability Management Analyst- AI Automation Security Researcher. Be the first to apply!