Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We’re a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We’re looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world!

About the Role:

Dragos is seeking an experienced Vulnerability Analyst to join our Vulnerability Analysis Content Team. In this position you will play a critical role in transforming vulnerability data from public sources into actionable intelligence tailored for operational technology (OT) environments. Working alongside a team of analysts and engineers, you will be responsible for evaluating, curating, enriching, and contextualizing vulnerability information from CVEs, NVD, vendor advisories, and various other sources to deliver high-quality findings to our customers. This role directly supports Dragos's mission to safeguard industrial infrastructure by producing timely, accurate, and OT-relevant vulnerability intelligence.

Responsibilities:

• Evaluate vulnerability disclosures from CVEs, NVD, KEV, CISA, vendor advisories, and other public sources to assess relevance and impact to OT environments.

• Curate and prioritize vulnerability information based on asset criticality, exploitability, and operational impact to industrial systems.

• Own the technical strategy for vulnerability content standards, including analysis methodologies, quality benchmarks, and content review.

• Enrich vulnerability data by mapping affected products, firmware versions, and asset classifications to ensure comprehensive coverage.

• Translate technical vulnerability details into actionable, OT-contextualized content for the Dragos platform, including advisories, asset mappings, and mitigation guidance.

• Leverage platform telemetry and maintain product catalogs to identify detection gaps, prioritize coverage, and improve content accuracy.

• Mentor junior and mid-level analysts, providing technical guidance and quality review of content outputs.

• Lead cross-functional initiatives with engineering teams to improve content creation workflows, validation processes, and delivery pipelines.

• Monitor emerging vulnerability sources and feeds to ensure timely coverage and identify gaps in existing content.

• Drive continuous improvement of team processes, content standards, and analysis methodologies.

Qualifications:

• 6+ years of experience in vulnerability analysis, vulnerability management, or a related technical security discipline.

• 2+ years of hands-on experience with ICS/OT technologies, including PLCs, RTUs, HMIs, SCADA systems, or industrial networking protocols (Modbus, DNP3, Ether Net/IP, OPC, etc.).

• Strong understanding of CVE lifecycle, CVSS scoring, CPE (Common Platform Enumeration), and vulnerability advisory interpretation.

• Strong working knowledge of vulnerability databases, threat intelligence feeds, and security content platforms.

• Demonstrated ability to map vulnerabilities to affected products, firmware versions, and asset inventories.

• Proven ability to produce clear, accurate, and actionable technical content for diverse audiences.

• Proficiency with git workflows, branching strategies, and code review processes.

• Familiarity with command-line tooling and scripting languages (Python or similar) for workflow automation.

• Strong communication and collaboration skills with the ability to mentor others and influence content quality standards.

• Background in asset management, configuration management, or IT/OT inventory systems is beneficial.

• Prior experience in critical infrastructure sectors (energy, manufacturing, water, transportation) is nice to have.

Compensation:

• Salary: $145,000

• Competitive Equity Package

• Comprehensive Benefits Plan

Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.