Vanguard

EASMValidationAnalyst

$85–115k ~AI est. Malvern, Pennsylvania, United States FULL TIME Remote Friendly
Market Sentiment
HIGH DEMAND

Neural analysis suggests this role is
optimal for Mid+ candidates.

The Brief

“EASM Validation Analyst at Vanguard. Skills: Vulnerability Management, GenAI Security. Triage findings from EASM tools. Validate findings from EASM tools”

What You'll Achieve.

Scalable risk reduction

Industry & Context.

Problems you'll solve

Problem-solving; Analytical

What They're Looking For.

Must Have

2-5 years cybersecurity experience, 2-5 years vulnerability management experience, 2-5 years application security experience, Understand web security concepts, Understand API security concepts, Understand cloud security concepts, Understand network security concepts, Experience with vulnerability triage, Experience with vulnerability validation, Experience with risk prioritization, Familiarity with EASM tools, Familiarity with vulnerability management platforms, Knowledge of VDP programs, Knowledge of bug bounty programs, Knowledge of triage methodologies, Analytical skills, Problem-solving skills

Nice to Have

Scripting experience, Python scripting experience, PowerShell scripting experience, Bash scripting experience, Burp Suite experience, GenAI-assisted security tooling experience, ServiceNow VR/IRM experience, UVM platforms experience, SaaS knowledge, Cloud environments knowledge, AWS knowledge, Azure knowledge, Internet-exposed services knowledge

What You'll Do.

Triage findings from EASM tools

Validate findings from EASM tools

Triage VDP submissions

Validate VDP submissions

Triage GenAI capabilities

Validate GenAI capabilities

Perform technical validation

Eliminate false positives

Confirm exploitability risk

Assign severity based on risk frameworks

Enrich findings with evidence

Enrich findings with proof-of-concept

Enrich findings with remediation guidance

Drive findings through remediation workflows

Correlate findings across sources

Identify systemic risks

Identify duplicate exposures

Maintain triage playbooks

Improve triage playbooks

Maintain triage workflows

Improve triage workflows

Maintain standard operating procedures

Improve standard operating procedures

Administer EASM platforms

Support EASM platforms

Administer VDP platforms

Support VDP platforms

Manage integrations with enterprise systems

Ensure ingestion accuracy

Ensure workflow integrity

Monitor platform performance

Monitor platform uptime

Monitor SLA adherence

Support onboarding of new capabilities

Partner with application owners

Partner with infrastructure teams

Partner with security teams

Communicate risk clearly

Communicate risk actionably

Work with VDP researchers

Collaborate with vulnerability management leadership

Collaborate with EASM/VDP leadership

How You'll Work.

Team & Collaboration

Application owners; Infrastructure teams; Security teams; VDP researchers; Vulnerability management leadership; EASM/VDP leadership

Communication Scope

Communicate risk

Full Job Description

The External Attack Surface Management (EASM) Validation Analyst is responsible for triaging, validating, and operationalizing external security findings across EASM platforms, Vulnerability Disclosure Program (VDP), and GenAI-driven discovery capabilities. This role ensures that externally identified risks are accurate, prioritized appropriately, attributed to the correct owners, and driven toward remediation, enabling scalable risk reduction across the enterprise attack surface. Key Responsibilities * Triage and validate findings from EASM tools, VDP submissions, and GenAI-driven detection capabilities * Perform technical validation to eliminate false positives and confirm exploitability risk * Assign severity based on risk frameworks (CVSS, EPSS, KEV, asset criticality) * Identify and attribute ownership to responsible application, infrastructure, or business teams * Enrich findings with evidence, proof-of-concept, and remediation guidance * Drive findings through remediation workflows, tracking SLA adherence and escalation * Correlate findings across multiple sources to identify systemic risks or duplicate exposures * Maintain and improve triage playbooks, workflows, and standard operating procedures Platform & Operations Management * Administer and support EASM and VDP platforms (e.g., Censys, Defender EASM, HackerOne, BugCrowd) * Manage integrations with enterprise systems * Ensure data quality, ingestion accuracy, and workflow integrity across platforms * Monitor platform performance, uptime, and SLA adherence * Support onboarding of new capabilities, including GenAI detection pipelines Collaboration & Stakeholder Engagement * Partner with application owners, infrastructure teams, and security teams to drive remediation * Communicate risk in a clear, actionable manner for both technical and non-technical stakeholders * Work with VDP researchers when needed to clarify submissions and validate findings * Collaborate with broader vulnerability management and EAS

Free ATS check

Applying for this EASM Validation Analyst role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

How to Apply on Workday

  • Workday has a multi-step form — save your progress after every section.
  • "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
  • Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
  • Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Vanguard?

Real rants from real employees. Read before you apply.

Read Company Rants →