Associate Principal Vulnerability Analyst

About the Role:

Dragos is seeking an experienced Vulnerability Analyst to join our Vulnerability Analysis Content Team. In this position you will play a critical role in transforming vulnerability data from public sources into actionable intelligence tailored for operational technology (OT) environments. Working alongside a team of analysts and engineers, you will be responsible for evaluating, curating, enriching, and contextualizing vulnerability information from CVEs, NVD, vendor advisories, and various other sources to deliver high-quality findings to our customers. This role directly supports Dragos's mission to safeguard industrial infrastructure by producing timely, accurate, and OT-relevant vulnerability intelligence.

Responsibilities:

• Evaluate vulnerability disclosures from CVEs, NVD, KEV, CISA, vendor advisories, and other public sources to assess relevance and impact to OT environments.
• Curate and prioritize vulnerability information based on asset criticality, exploitability, and operational impact to industrial systems.
• Own the technical strategy for vulnerability content standards, including analysis methodologies, quality benchmarks, and content review.
• Enrich vulnerability data by mapping affected products, firmware versions, and asset classifications to ensure comprehensive coverage.
• Translate technical vulnerability details into actionable, OT-contextualized content for the Dragos platform, including advisories, asset mappings, and mitigation guidance.
• Leverage platform telemetry and maintain product catalogs to identify detection gaps, prioritize coverage, and improve content accuracy.
• Mentor junior and mid-level analysts, providing technical guidance and quality review of content outputs.
• Lead cross-functional initiatives with engineering teams to improve content creation workflows, validation processes, and delivery pipelines.
• Monitor emerging vulnerability sources and feeds to ensure timely coverage and identify gaps in existing content.
• Drive continuous improvement of team processes, content standards, and analysis methodologies.

Qualifications:

• 6+ years of experience in vulnerability analysis, vulnerability management, or a related technical security discipline.
• 2+ years of hands-on experience with ICS/OT technologies, including PLCs, RTUs, HMIs, SCADA systems, or industrial networking protocols (Modbus, DNP3, EtherNet/IP, OPC, etc.).
• Strong understanding of CVE lifecycle, CVSS scoring, CPE (Common Platform Enumeration), and vulnerability advisory interpretation.
• Strong working knowledge of vulnerability databases, threat intelligence feeds, and security content platforms.
• Demonstrated ability to map vulnerabilities to affected products, firmware versions, and asset inventories.
• Proven ability to produce clear, accurate, and actionable technical content for diverse audiences.
• Proficiency with git workflows, branching strategies, and code review processes.
• Familiarity with command-line tooling and scripting languages (Python or similar) for workflow automation.
• Strong communication and collaboration skills with the ability to mentor others and influence content quality standards.
• Background in asset management, configuration management, or IT/OT inventory systems is beneficial.
• Prior experience in critical infrastructure sectors (energy, manufacturing, water, transportation) is nice to have.

Compensation:

• Salary: $145,000
• Competitive Equity Package
• Comprehensive Benefits Plan

#LI-JF1 #LI-REMOTE