Vulnerability Management Senior Manager
Indexed description
Who You’ll Be Working With
If you have a strong background in IT, computer science, or software engineering, and are analytical, technologically savvy, solutions and process-focused, then the Technology & Operations team may be for you!
You’ll Be Responsible For The Following
- Defining and leading the overall strategy for enterprise-wide vulnerability management and risk assessment.
- Developing and enforcing standards, policies, and procedures for vulnerability assessments and remediation.
- Representing vulnerability management in risk committees, audit reviews, and executive briefings.
- Overseeing the end-to-end vulnerability lifecycle including scanning, validation, risk classification, ticketing, remediation tracking, and metrics reporting.
- Implement KPIs and dashboards to measure the effectiveness and maturity of the program (e.g., SLA compliance, Mean-Time-To-Remediate).
- Maintain alignment with NIST, ISO 27001, CIS Controls, PCI DSS, and other security frameworks and standards.
- Managing and mentoring a team of vulnerability analysts, engineers and managers.
- Coordinating with Security Defense Team, IT Ops, AppSec, and DevSecOps teams to support patching and configuration remediation activities.
- Oversee the deployment, configuration, and tuning of scanning tools (e.g., Qualys, Nessus, Rapid7, CrowdStrike Falcon Spotlight).
- Lead efforts in integrating vulnerability data into ticketing systems (e.g., JIRA, ServiceNow) and CMDBs for accurate asset-risk correlation.
- Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or a related field
- 8–12 years of experience in IT security with 5+ years in vulnerability management and risk assessment.
- 5+ years of experience in a managerial or leadership role.
- Strong understanding of CVSS, EPSS, threat intelligence, and risk-based prioritization models.
- Experience with vulnerability scanning platforms and asset discovery tools.
- Familiarity with cloud security (AWS, Azure, GCP, Alibaba), container security, and CI/CD pipelines.
- Excellent communication, analytical thinking, and stakeholder management skills.
- Relevant certifications preferred (e.g., CISSP, CISM, GIAC GCCC, OSCP, CRISC).
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search