What do NASA and emerging space companies have in common with COVID vaccine R&D teams or with Roblox and the Metaverse? 

The answer is data, -- all fast moving, fast growing industries rely on data for a competitive edge in their industries. And the most advanced companies are realizing the full data advantage by partnering with Pure Storage. Pure’s vision is to redefine the storage experience and empower innovators by simplifying how people consume and interact with data. With 11,000+ customers including 58% of the Fortune 500, we’ve only scratched the surface of our ambitions

Pure is blazing trails and setting records:

  • For eight straight years, Gartner has named Pure a leader in the Magic Quadrant 
  • Our customer-first culture and unwavering commitment to innovation have earned us a certified Net Promoter Score in the top 1% of B2B companies globally
  • Industry analysts and press applaud Pure’s leadership across these dimensions
  • And, our 4,000+ employees are emboldened to make Pure a faster, stronger, smarter company as we go

If you, like us, say “bring it on” to exciting challenges that change the world, we have endless opportunities where you can make your mark.



Pure Storage (PSIRT) Security Incident Manager is responsible for scoring / re-scoring security vulnerabilities, working closely with security engineering to identify final attribution for fix/risk mitigation of security vulnerabilities, working cross functionally across teams to document and publish security advisories as required.   

A successful candidate will have demonstrated experience in the lifecycle of a security vulnerability investigation, through to eventual CVE publishing if required.

This role entails a high level of cross functional engagement.  A successful candidate will be task driven, very focused on task completion.  In addition to responsibilities relating to security vulnerability investigation, a successful candidate will also engage in identifying and leading implementation of improvements with Produce Security Incident Response.  

As a senior role within CX, a PSIRT Security Incident Manager will also lead company wide efforts in conjunction with other CX, Engineering, Legal, PR Sales resources to coordinate Pure’s response to industry wide security vulnerabilities.


PSIRT Security Incident Manager will:

  • Promptly assemble and lead a cross-functional team to engage/ mitigate security incidents
  • Own resolution(s) on executive-level customer and product escalations relating to security 
  • Drive communication with senior-level client stakeholders on a business as well at a technical level

Job Responsibilities will include:  

  • Act as the customer advocate in managing security risks, ensuring issues are prioritized and remediated at an appropriate velocity, and escalate to senior leadership as needed
  • Lead security initiatives and serve as the central point of contact for Pure Storage Engineering, QA, Product Management to own coordination of actions associated with internally and externally identified vulnerabilities
  • Collaborate with Product Engineering to prioritize resolution to security vulnerability exploits; program manage Product Security Vulnerability fix and integration (release roadmap/ and communications); document/publish internal/external messaging to communicate the status of fix/integration details to Pure Executive leadership (Estaff)
  • Communicate quickly and effectively with engineers, various stakeholders, and customers about security issues as well as author technical documentation on security issues (i.e. mitigations and fixes) in a clear and easy-to-understand manner
  • Drive post mortem and lessons learned on all systemic security incidents/ vulnerabilities, which may include a full follow-through,  documentation, and implementation of all associated corrective actions  
  • Execute work against long-term goals and initiatives to support Pure Storage overall security posture and roadmap
  • Strong people and project management skills with a minimum of 12 years of experience supporting Fortune 500 companies, preferably in Enterprise storage, virtualization, networking, or Enterprise applications industry
  • 7+ years of Critical Incident Management experience with the ability to work in a highly-matrixed environment  
  • CVSS (Common Vulnerability Scoring System) experience is required  
  • Bachelor’s degree required; equivalent experience considered
  • Able to multitask, influence, negotiate, and delegate with a strong sense of urgency and accountability
  • Manage crisis situations outside of normal working hours as needed 
  • Dedication to understanding cause and effect- ability to unravel complicated problem statements and work with cross-functional teams to determine required areas of improvement
  • Ability to create policies and processes where they do not exist, develop and implement governance where required, and bring order where there is complexity and uncertainty. 
  • Adapt to change and effectively organize work according to business priorities

Technical Skills:

  • Specific technical and business problem knowledge in one or more of the following areas:

    • Vendor ecosystem knowledge

    • Enterprise Cyber Risk Management

    • Security Strategy and Governance

    • Regulatory Compliance services (FCA, PRA, GDPR)

    • Security Framework (NIST, ISO27001, Cyber Essentials, etc.)

    • Threat Intelligence Services

  • Certifications - hold an industry-recognized certification such as CISM, CISSP, CRISC, or equivalent

The annual base salary range is: $95,000 - $204,000. Salary ranges are determined based on role, level and location. For positions open to candidates in multiple geographical locations, the base salary range is reflective of the labor market across the applicable locations. This role may be eligible for incentive pay and/or equity. And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events - check out for more information.



Pure is where you ask big questions, think differently, and make an impact. This is not just a job, but a place where you have a voice and can accelerate your career. We value unique thoughts and celebrate individuality, and with ample opportunity to learn, develop yourself, and expand into different roles, joining Pure is an investment in your career journey.

Through our Pure Equality program, which supports a flourishing field of employee resource groups, we nourish the personal and professional lives of our team members. And our Pure Good Foundation gives back to local and global communities through volunteering and grants.

And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events.


Research shows that in order to apply for a job, women feel they need to meet 100% of the criteria while men usually apply after meeting about 60%. Regardless of how you identify, if you believe you can do the job and are a good match, we encourage you to apply.

Pure is proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire. 

If you need assistance or an accommodation due to a disability, you may contact us at


If you're wondering how or why Pure collects or uses information you provide, we invite you to check out our Applicant & Candidate Personal Information Protection Notice.


Some positions may require a deemed export license for compliance with applicable laws and regulations. Please note: Pure does not currently sponsor deemed export license applications so we are unable to proceed with applicants requiring stated sponsorship.


In accordance with Pure’s policies, current and anticipated federal regulations, and our ongoing commitment to prioritizing the health and well-being of our employees, partners, and customers, and the community at large, where permitted by law, all Pure employees and contractors working in the United States are expected to be fully vaccinated against COVID-19 prior to your start date. Should you require an exemption for medical or religious reasons, you must initiate Pure’s exemption request process which will determine if an exemption can be granted in accordance with applicable local, state, and/or federal law.

Apply for this Job

* Required

resume chosen  
(File types: pdf, doc, docx, txt, rtf)
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)
When autocomplete results are available use up and down arrows to review
+ Add another education

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Pure Storage’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.