Senior Security Engineer, Vulnerability & Exposure Management

As a Senior Security Engineer focused on Vulnerability and Exposure Management, you will own and evolve how Bridgewater identifies, understands, and prioritizes security exposures across the firm. This is not a patch-management role. It is a senior individual contributor position with end-to-end accountability for turning raw vulnerability data into risk-informed decisions that actually matter to Bridgewater.

You will overhaul our vulnerability and exposure management program by applying an adversarial mindset and sound engineering judgment. Many vulnerabilities do not represent meaningful risk when viewed in context; asset criticality, compensating controls, exploitability, and attacker positioning matter. Your job is to separate signal from noise, explain why something matters (or doesn’t), and drive remediation that measurably reduces attack surface and enterprise risk.

• Risk-Informed Vulnerability & Exposure Management: Own the full lifecycle of vulnerabilities and exposures, from detection to validation, enrichment, prioritization, and remediation, grounded in realistic attacker behavior and business impact.
• Adversarial & Offensive Thinking: Apply experience from incident response, penetration testing, or exploitation to assess what an attacker can actually do, not just what scanners report.
• Signal Quality & Noise Reduction: Eliminate baseline vulnerability noise by validating findings, collapsing duplicates, and enriching results with context that drives confident decision-making.

Design and engineer scalable solutions that integrate vulnerability data, asset context, threat intelligence, and risk scoring into a coherent system.

Translate technical findings into clear, defensible narratives for engineers, product owners, and risk stakeholders, explaining both urgency and deprioritization with credibility.

• Own Bridgewater’s vulnerability and exposure management program from detection through remediation and risk acceptance.
• Define what “matters” from a vulnerability perspective and continuously refine that bar.

• Validate vulnerabilities through technical analysis and, where appropriate, hands-on exploitation.
• Apply a consistent risk methodology that accounts for asset criticality, data sensitivity, exposure (internal vs. external), exploitability, attacker prerequisites, and compensating controls.

• Convert raw findings into prioritized, decision-relevant outputs aligned to enterprise risk.
• Clearly articulate why a vulnerability is critical, acceptable, or noise.

• Work directly with application and service owners to drive remediation of high-impact issues.
• Build trust by providing clear logic, not mandates, and by respecting engineering realities.

• Provide Detection & Response teams with context and prioritization guidance for zero-days and emerging threats.
• Support response efforts without owning real-time containment or incident handling.

• Bridgewater has a clear understanding of its most meaningful security exposures.
• High-impact vulnerabilities and attack paths are identified early and prioritized.
• Stakeholders receive enriched, high-fidelity insights, not raw scanner output.
• Remediation efforts are efficient, targeted, and visibly reduce enterprise risk.
• Vulnerability management is trusted as a decision-making function, not a ticket factory.

• 10+ years of experience in security engineering, vulnerability management, incident response, or offensive security.
• Prior experience in incident response, penetration testing, red teaming, or exploitation is strongly preferred.
• Demonstrated ownership of complex security programs as a senior individual contributor.

• Deep understanding of vulnerability classes across infrastructure, cloud, and applications.
• Strong grasp of exploitability, attack paths, privilege escalation, and real-world attacker tradecraft.
• Experience validating vulnerabilities beyond scanner output.
• Familiarity with cloud platforms, modern enterprise environments, and defense-in-depth controls.
• Ability to engineer solutions that integrate data from multiple security and asset sources.

• Exceptional ability to explain technical risk to engineers and non-security stakeholders.
• Trusted partner mindset, credible, pragmatic, and outcome-focused.
• Comfortable being accountable for decisions and program outcomes.

This role is ideal for someone who has felt the pain of real incidents or exploitation, understands how attackers think, and wants to build a vulnerability and exposure management program that prioritizes reality over noise.

This role is offered with fully remote flexibility and can be performed from anywhere within the United States. This approach is role specific, and each team will have some slight variations that we will be able to describe in more detail throughout the recruiting process.

Compensation  

The wage range for this role is $335,000 - $475,000 inclusive of base salary and discretionary target bonus. The expected base salary for this role is between 70% - 80% of this wage range.  

Why Choose Bridgewater?  

It takes all types to make Bridgewater great. We seek a diverse group of innovative thinkers and push them to engage in rigorous and thoughtful inquiry. We develop people through an honest examination of their abilities and performance, enabling personal growth and professional development. We strive to provide you opportunities that will challenge you and unlock your potential.  

One of our core priorities at Bridgewater is to enable our employees to build a great life and career, and we believe our benefits are an important extension of that philosophy. As such, currently Bridgewater offers a competitive suite of benefits.  

Explore more information about Bridgewater’s benefits on our website here. 

Bridgewater reserves the right to change its current benefits program at any time, in a manner that is consistent with applicable federal and state regulations. 

This job description is not a contract and confers no contractual rights, privileges, or benefits on any applicant or potential applicant. Bridgewater has the right to change any and all terms of this job description, including, but not limited to, job responsibilities, qualifications and benefits. Nothing in this job description constitutes an offer or guarantee of employment. Please note that we do not provide immigration sponsorship for this position. 

Bridgewater Associates, LP is an Equal Opportunity Employer