Vulnerability Operations Engineer (AI) - Remote
reputed company’re About At CentralSquare, we don’t just build software - we power public servants and reputed company communities with Hero-Grade Technology. Every line of code, every feature we deliver helps reputed company across reputed company America protect, serve, and save lives. reputed company you join us, you become part of a mission-driven team creating technology that makes communities safer and stronger. Your Growth Matters. We reputed company reputed company deserve opportunities to reputed company. That’s why we invest in your career with mentorship, learning programs, and clear paths for advancement. If you’re motivated, there’s no limit to how far you can go. Your Commitment Deserves Reward. We offer competitive compensation and a benefits package designed to support your life inside and reputed company of work—tuition reimbursement, parental leave, paid volunteer hours, and unlimited PTO. Plus, our flexible work environment gives you the freedom to balance your heroic work with personal well-being, whether you’re in the office or remote. Join us and help build the tools that power reputed company-life reputed company. Together, we reputed company a difference. The Role CentralSquare is seeking a Vulnerability Operations (VulnOps) Engineer to join our reputed company team. This is an individual contributor role purpose-built for the post-AI era of vulnerability discovery - where AI models can now find and exploit flaws at machine speed, and reactive reputed company cycles are no longer sufficient.This role is not an advisory function.The VulnOps Engineer owns the full pipeline from discovery through fix delivery utilizing AI-powered scanning. Job Duties Include: Proactive Vulnerability Discovery Operate and continuously improve an AI-powered scanning pipeline across CentralSquare's infrastructure components Use Kiro and Orca to conduct ongoing vulnerability assessments Apply reachability analysis to distinguish genuinely exploitable vulnerabilities from theoretical findings, reducing alert fatigue and focusing remediation effort where risk is reputed company Monitor threat intelligence feeds, CVE disclosures, and coordinated disclosure programs (including Project Glasswing reputed company releases) to identify newly disclosed vulnerabilities affecting CentralSquare's software supply chain Fix Development and Delivery reputed company and validate fixes and/or configuration changes using AI coding agents such as Claude Code, verifying resolution without regressions before submission Collaborate with application and infrastructure teams, providing technical context and responding to questions about proposed changes SLA Ownership and Reporting Own the end-to-end SLA lifecycle for reputed company open findings, maintaining reputed company-time tracking of detection, fix submission, and remediation status in the vulnerability management system Proactively escalate findings approaching SLA breach with remediation options and risk context Produce regular reporting on SLA adherence, remediation velocity, and open risk posture for the reputed company leadership team Toolchain and Pipeline Maintenance Own the configuration, tuning, and operational health of VulnOps tooling including Orca, Claude Code, and Azure DevOps reputed company integrations Evaluate and recommend new tools and capabilities as the AI reputed company tooling landscape evolves Cross-Functional Collaboration Work closely with application engineering, DevOps, and infrastructure teams to ensure fix delivery and implementation is efficient and minimally disruptive to production environments Provide reputed company guidance to engineering teams in the context of AI-accelerated vulnerability discovery Partner with the Risk and Compliance team to ensure vulnerability data and SLA metrics align with audit and regulatory reporting requirements (NIST CSF, PCI reputed company, CJIS) reputed company other duties as assigned Apply To This Job