Senior Vulnerability Analyst

Get to Know Us

Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to the mission of enabling organizations to proactively find, fix and verify exploitable attack vectors before criminals exploit them. Our flagship product, the NodeZeroTM platform, delivers production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments. NodeZero has been adopted by organizations of all sizes, from small educational institutions to government agencies and Global 100 enterprises. It is used by IT Ops/SecOps teams, consulting pentesters, and MSSPs and MSPs.

We are a fusion of former U.S. Special Operations cyber operators, startup engineers & operators, and formerly frustrated cybersecurity practitioners. We're committed to helping solve our common security problems: ineffective security tools and false positives, resulting in alert fatigue, blind spots, "checkbox” security culture, cybersecurity skills shortage, and the long lead time and expense of hiring outside consultants. Collectively, we are a team of learn-it-alls, committed to a culture of respect, collaboration, ownership, and results.

As a remote first company, we require minimum 25Mbps consumer grade broadband connection.

• We are seeking a Vulnerability Analyst or Cyber Threat Intelligence Analyst to act as our eyes and ears in the cyber security community, and to provide our customers with the latest information about the vulnerabilities NodeZero has been able to use against them. You will also inform our customers and internal teams about emerging threats, threat actor behavior and trends, and help to prioritize our research. You will sit within the Rapid Response organization, reporting directly to the Director of Precision Defense.

• Ideal candidates are well versed in the Security industry, responsible vulnerability disclosure programs and have experience publishing security communications (blogs, white papers, conference talks etc.)

• Analyze the outcomes of NodeZero pentests to understand customer exposure to vulnerabilities and threats to inform our research prioritization

• Research, document and publish mitigation and remediation techniques for the most impactful vulnerabilities affecting our customers

• Monitor public vulnerability databases and threat intelligence sources to stay current on emerging threats.

• Track product coverage for emerging vulnerabilities and drive communication updates for both internal and external partners

• Write, edit and publish public facing content about vulnerabilities

• Create internal content about vulnerabilities and threat actors to support Go To Market and Marketing teams at Horizon3.ai

• Collaborate cross-functionally with attack engineers, product managers, product marketing and customer teams

• Hands‑on vulnerability research exposure, e.g., triage, root‑cause analysis, exploit reproduction/validation, or proof‑of‑concept evaluation.

• 8+ years of experience in vulnerability analysis/research or cyber threat intelligence

• Active exploitation awareness, including how zero‑days/n‑days propagate, PoC weaponization trends, and defender impact.

• Proven ability to work with discretion, handle sensitive information, and build trusted relationships.

• Vulnerability ecosystem fluency: CVE/CWE, NVD/NIST, CISA KEV, EPSS, vendor advisories, and patch/mitigation lifecycles.

• Familiarity with the penetration testing industry and vulnerability management ecosystems

• Outstanding communication and interpersonal skills; able to influence at all levels.

• Exceptional organizational skills with the ability to manage multiple priorities and stakeholders.

Preferred Experience:

• Familiarity with and comfort writing Python

• Experience performing data analysis and creating visualizations to illustrate broad trends

• Experience communicating vulnerability and threat information to technical audiences outside of cyber security

• Digital presence: experience using social channels and community forums to amplify research responsibly.

• Public speaking experience at conferences, webinars, podcasts, and customer briefings; comfortable fielding live Q&A.

Nice to Have:

• Conference publications or awards (e.g., Black Hat, DEF CON, BSides, FIRST).

• Media training and experience briefing reporters or analysts.

• Bug bounty/VDP experience, including triage or program participation from either side.

Travel Required

We are a fully remote company, and this job may require up to 5% of travel to be successful.

Compensation and Values

At Horizon3, we believe that our people are our greatest asset, and our compensation philosophy reflects this core value. We are committed to fostering an environment where all employees feel valued, respected, and rewarded for their contributions. Our compensation structure is designed to be fair, competitive, and transparent, ensuring that every team member is recognized and compensated equitably across roles, levels, and locations.

In accordance with various State’s transparency regulations, we provide the following salary range information for this position:

• Base salary range: $195,000 - $242,000 annually. The exact salary will be determined based on the selected candidate’s location, qualifications, experience, and relevant skills.

• Additional compensation: All full-time roles are eligible for an equity package in the form of stock options.

Perks of Horizon3.ai

• Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.

• Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.

• Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.

• Remote Work: We are a 100% remote company. Enjoy the flexibility to work in the way that supports you and brings out your best.

• Competitive Compensation: We offer competitive salary, equity and benefits. Our benefits include health, vision & dental insurance for you and your family, a flexible vacation policy, and generous parental leave.

You Belong Here

Horizon3 is not just an equal opportunity employer - we are a community that values diversity, equity, and inclusion as fundamental principles of our culture and success. We are dedicated to fostering a workplace where everyone feels welcome and respected, regardless of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, hair length or any other legally protected status by law.

Our commitment to diversity and inclusion means we strive to attract, develop, and retain a workforce that reflects the varied communities we serve. We believe that diverse perspectives drive innovation and strengthen our ability to create cutting-edge cybersecurity solutions. At Horizon3, every team member is valued and supported in an environment that encourages personal and professional growth.

We welcome candidates from all backgrounds and experiences, and we encourage all qualified individuals to apply. Come be a part of Horizon3, where your unique contributions are recognized, and your potential is limitless.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice.

Application Note

In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.