Senior Vulnerability Assessment Analyst | LastPass | Remote (Portugal)
Posted 2025-09-08
Remote, USA
Full Time
Immediate Start
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">About LastPass</strong><br />
<!-- -->LastPass is a leader in password and identity management, making it easier to log into life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals. With LastPass, important credentials are protected and private – and always within reach.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">We welcome new ideas, support your growth, and recognize your value, if this aligns with what you are looking for in your next career move, Join Us!</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">LastPass is looking for Senior Vulnerability Assessment Analyst:</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">As a member of the Trust & Security team, you’ll play a key role in establishing a comprehensive and efficient vulnerability management program, empowering the organization to uphold the utmost levels of security and compliance. Your contribution will be instrumental in fostering a culture centered on security and resilience, as we strive to deliver the most secure and dependable services to all our customers.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">If you are passionate about complex problem solving and motivated by scale, then this is the role for you!</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">Who will you work with?</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">You will be part of our Security Posture and Attack Surface Engineering & Research (SPASER) team, collaborating closely with the wider Trust & Security teams. You will also work closely with various engineering and operational teams across the organization as part of the vulnerability management lifecycle, to assist in the resolution of vulnerabilities and propose improvements to our security posture.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">What are some of the exciting challenges you will be working on?</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Conducting regular vulnerability assessments across our organization’s information systems, networks, and applications, both on-premise and in the cloud, using advanced automated scans and hands-on evaluation techniques.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Delving deep into vulnerability scan results to uncover potential risks, threats, and vulnerabilities that could impact our organization.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Crafting tailored testing strategies to tackle specific vulnerabilities or potential attack scenarios head-on.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Crafting polished, easily understandable reports and sharing our discoveries with key stakeholders, including our IT, Platform, and Software Engineering teams.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Offering expert recommendations for effective strategies to mitigate and resolve identified vulnerabilities.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ensuring the accuracy of our vulnerability assessment findings, meticulously verifying and validating results, including identifying false positives and negatives.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Staying at the forefront of emerging threats, trends, and technologies in vulnerability management and cybersecurity, and adapting our methodologies accordingly.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Actively supporting the ongoing enhancement of our vulnerability management tools, refining their selection, configuration, and optimization to ensure they efficiently detect vulnerabilities while minimizing false alarms.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Keeping a vigilant eye on vulnerability status and trends over time to proactively address evolving threats.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Establishing robust metrics and reporting systems to continually evaluate the effectiveness of our vulnerability management program and pinpoint areas for improvement.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">What does it take to work at LastPass?</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Previous demonstrable experience in conducting vulnerability assessments and related security testing.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands-on experience with leading vulnerability management tools, techniques, and methodologies in the industry.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience working with cloud environments and containerized workloads, such as Docker and Kubernetes.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Familiarity with vulnerability analysis in cloud native environments, including knowledge of cloud-specific security controls, best practices, and some experience with cloud security assessment tools and techniques.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency in scripting languages and programming commonly used in vulnerability management, like Python, PowerShell, or Bash, is expected for developing and maintaining trade-craft tools.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">A passion for security and a talent for discovering security vulnerabilities.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong critical thinking skills and an analytical mindset, paired with a commitment to continuously improving processes.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ability to work autonomously with minimal supervision, demonstrating self-motivation to achieve objectives and deliver results effectively.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Effective written and verbal communication skills in English, with the ability to communicate and collaborate effectively with key stakeholders.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">It’s great, but not required:</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Familiarity with OWASP vulnerability management and security testing guides/standards.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Cloud security focused certifications such as AWS Certified Security or other specialty certification or similar.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">Why LastPass?</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Market-leading password manager</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">High-growth, collaborative environment with inclusive teams</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Remote first culture</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Competitive compensation</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Flexible Paid time off policies including but not limited to: Monthly self-care days (12 extra paid days off annually), volunteering days</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Generous Parental leave</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Comprehensive health coverage, dependents included</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Home office setup support</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">LastPass families free account up to 5 members</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Continuous learning and development opportunities</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold"><em>Unlock your potential with us – your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let’s build the future together!</em></strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">For all US based jobs please review our <a href="https://www.lastpass.com/-/media/b839b4f6c9834080a07c23be15c11159.pdf" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Applicant Privacy Notice</a></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">For all EU based jobs please review our <a href="https://www.lastpass.com/-/media/f26b8d18efa74d3cb25a262c8bd523a9.pdf" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Candidate Privacy Notice </a></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Please review our <a href="https://www.lastpass.com/-/media/f62849a2f1644911b4369d23a0206e05.pdf" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">CCPA Notice</a></p>
<!-- -->LastPass is a leader in password and identity management, making it easier to log into life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals. With LastPass, important credentials are protected and private – and always within reach.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">We welcome new ideas, support your growth, and recognize your value, if this aligns with what you are looking for in your next career move, Join Us!</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">LastPass is looking for Senior Vulnerability Assessment Analyst:</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">As a member of the Trust & Security team, you’ll play a key role in establishing a comprehensive and efficient vulnerability management program, empowering the organization to uphold the utmost levels of security and compliance. Your contribution will be instrumental in fostering a culture centered on security and resilience, as we strive to deliver the most secure and dependable services to all our customers.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">If you are passionate about complex problem solving and motivated by scale, then this is the role for you!</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">Who will you work with?</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">You will be part of our Security Posture and Attack Surface Engineering & Research (SPASER) team, collaborating closely with the wider Trust & Security teams. You will also work closely with various engineering and operational teams across the organization as part of the vulnerability management lifecycle, to assist in the resolution of vulnerabilities and propose improvements to our security posture.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">What are some of the exciting challenges you will be working on?</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Conducting regular vulnerability assessments across our organization’s information systems, networks, and applications, both on-premise and in the cloud, using advanced automated scans and hands-on evaluation techniques.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Delving deep into vulnerability scan results to uncover potential risks, threats, and vulnerabilities that could impact our organization.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Crafting tailored testing strategies to tackle specific vulnerabilities or potential attack scenarios head-on.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Crafting polished, easily understandable reports and sharing our discoveries with key stakeholders, including our IT, Platform, and Software Engineering teams.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Offering expert recommendations for effective strategies to mitigate and resolve identified vulnerabilities.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ensuring the accuracy of our vulnerability assessment findings, meticulously verifying and validating results, including identifying false positives and negatives.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Staying at the forefront of emerging threats, trends, and technologies in vulnerability management and cybersecurity, and adapting our methodologies accordingly.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Actively supporting the ongoing enhancement of our vulnerability management tools, refining their selection, configuration, and optimization to ensure they efficiently detect vulnerabilities while minimizing false alarms.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Keeping a vigilant eye on vulnerability status and trends over time to proactively address evolving threats.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Establishing robust metrics and reporting systems to continually evaluate the effectiveness of our vulnerability management program and pinpoint areas for improvement.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">What does it take to work at LastPass?</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Previous demonstrable experience in conducting vulnerability assessments and related security testing.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands-on experience with leading vulnerability management tools, techniques, and methodologies in the industry.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience working with cloud environments and containerized workloads, such as Docker and Kubernetes.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Familiarity with vulnerability analysis in cloud native environments, including knowledge of cloud-specific security controls, best practices, and some experience with cloud security assessment tools and techniques.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency in scripting languages and programming commonly used in vulnerability management, like Python, PowerShell, or Bash, is expected for developing and maintaining trade-craft tools.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">A passion for security and a talent for discovering security vulnerabilities.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong critical thinking skills and an analytical mindset, paired with a commitment to continuously improving processes.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ability to work autonomously with minimal supervision, demonstrating self-motivation to achieve objectives and deliver results effectively.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Effective written and verbal communication skills in English, with the ability to communicate and collaborate effectively with key stakeholders.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">It’s great, but not required:</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Familiarity with OWASP vulnerability management and security testing guides/standards.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Cloud security focused certifications such as AWS Certified Security or other specialty certification or similar.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">Why LastPass?</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Market-leading password manager</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">High-growth, collaborative environment with inclusive teams</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Remote first culture</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Competitive compensation</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Flexible Paid time off policies including but not limited to: Monthly self-care days (12 extra paid days off annually), volunteering days</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Generous Parental leave</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Comprehensive health coverage, dependents included</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Home office setup support</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">LastPass families free account up to 5 members</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Continuous learning and development opportunities</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold"><em>Unlock your potential with us – your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let’s build the future together!</em></strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">For all US based jobs please review our <a href="https://www.lastpass.com/-/media/b839b4f6c9834080a07c23be15c11159.pdf" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Applicant Privacy Notice</a></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">For all EU based jobs please review our <a href="https://www.lastpass.com/-/media/f26b8d18efa74d3cb25a262c8bd523a9.pdf" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Candidate Privacy Notice </a></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Please review our <a href="https://www.lastpass.com/-/media/f62849a2f1644911b4369d23a0206e05.pdf" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">CCPA Notice</a></p>