[Hiring] Security Engineer - Vulnerability Management @GoDaddy

Role Description

Join GoDaddy’s Vulnerability Management team, part of the Information Security organization, responsible for maintaining strong security hygiene and driving high-impact initiatives that improve transparency and strengthen our overall security posture!

We are looking for a Vulnerability Management Engineer to develop the architecture and capability roadmap that supports the strategic goals of GoDaddy Global Security. In this role, you will work closely with cross-functional teams to find vulnerabilities across our global infrastructure. You will assist in fixing these issues, support internal partners, and help protect GoDaddy’s growing attack surface as the company expands.

What you'll get to do:

• Craft and implement security solutions to identify risks, build capability roadmaps, and secure GoDaddy’s infrastructure—both cloud and on-prem—through vulnerability scanning, perimeter validation, and remediation support.
• Conduct detailed vulnerability assessments, impact analysis, and perimeter scanning using tools like Tenable and Qualys; validate results and provide actionable recommendations and mitigation plans.
• Monitor and report data for the Vulnerability Management Program from internal and external sources.
• Collaborate with compliance teams to ensure appropriate scanning, testing, reporting, and mitigation efforts meet compliance standards, while also supporting validation of false positives and user remediation efforts.
• Drive process maturity and automation by developing policies, tools, practices, and partnerships to enhance security operations and improve efficiency and throughput.
• Provide leadership and mentorship to team members while maintaining updated knowledge on evolving threat landscapes, attacker techniques, and effective countermeasures.

Qualifications

• 5+ years of experience in vulnerability management within mid-to-large IT organizations, especially in cloud environments; proven track record in security risk assessments, web and network vulnerability scanning, reporting, and threat modeling.
• Strong hands-on experience with AWS Cloud security, including defining and implementing security controls; In-depth knowledge of desktop and server OS like RedHat/CentOS Linux and Windows Server.
• Conducting detailed vulnerability assessments, impact analysis, perimeter scanning using tools like Tenable and Qualys, and identifying and remediating zero-day vulnerabilities and other critical risks.
• Experience crafting automated security solutions using scripting or programming languages such as Python, Shell/BASH, Ruby, Java, C/C++, Perl.
• Ability to craft and implement security solutions, identify risks, and build capability roadmaps.
• Proficient in tracking/reporting key vulnerability management metrics, monitoring threats, collaborating with compliance teams for scanning/testing/reporting, supporting user remediation and false positives; skilled in tools like Microsoft Office Suite, Jira, ServiceNow.

Requirements

• Bachelor’s Degree in a relevant field or equivalent work experience.
• Expert in designing and implementing vulnerability management controls aligned with major security standards (CIS, PCI-DSS, NIST, ISO 27001).
• Familiarity with CVSS, CWE, and vulnerability scoring methodologies.
• Experience with Tanium and BurpSuite tools.
• Hands-on experience in penetration testing.
• AI-related security experience or knowledge.

Benefits

• Paid time off.
• Retirement savings (e.g., 401k, pension schemes).
• Bonus/incentive eligibility.
• Equity grants.
• Participation in our employee stock purchase plan.
• Competitive health benefits.
• Other family-friendly benefits including parental leave.