Manager, Threat and Vulnerability

About The Position

Requirements

• 7+ years of experience in cybersecurity, with 3+ years in a leadership role focused on TVM, ASM, or CTEM.
• Strong team leadership skills, with a focus on Mission First, People Always. Have experience building effective, dynamic teams that can execute the day to day tactical tasks, but also have a strategic mindset of continuous improvement and maturity.
• Deep understanding of vulnerability management, threat intelligence, and exposure reduction strategies.
• Experience with ASM and CTEM platforms and methodologies.
• Strong knowledge of cloud security, container security, and modern hybrid infrastructure.
• Relevant certifications (e.g., CISSP, CISM, OSCP, GIAC) are a plus.
• Collaboration is paramount in this role. Must have experience actively engaging with various stakeholders, including business units, to address specific security needs, integrate threat and vulnerability management practices, and ensuring a consistent security approach worldwide.

Nice To Haves

• Experience integrating TVM and ASM workflows into ITSM platforms.
• Familiarity with MITRE ATT&CK, threat modeling, and adversary simulation.
• Ability to translate technical findings into business risk and actionable insights.
• Detail oriented, with proven ability to mobilize and energize cross-functional teams to implement solutions and complete tasks.
• Demonstrable track record dealing well with ambiguity, prioritizing needs, and delivering measurable results in an agile, fast-paced and high-stress environment.
• Advanced analytical/problem solving ability, critical decision making, and intuitive approach to TVM.
• Cat herder. You will be the mediator and will calm the storm by focusing everyone on the common goal to reduce threat exposure risk.

Responsibilities

• Develop and lead the enterprise Threat and Vulnerability Management program, including ASM and CTEM capabilities.
• Build and manage a high-performing team of vulnerability analysts, threat researchers, and ASM specialists.
• Collaborate with IT and business units to align exposure management priorities with business objectives.
• Oversee vulnerability scanning, prioritization, and remediation across on-prem, cloud, and hybrid environments.
• Integrate threat intelligence into vulnerability workflows to contextualize and prioritize risk.
• Manage the full lifecycle of vulnerabilities, from discovery to closure, ensuring timely and effective remediation.
• Implement and maintain ASM tools to continuously discover and monitor external-facing assets.
• Identify shadow IT, misconfigurations, and exposed services that increase risk.
• Work with asset owners to validate findings and reduce exposure.
• Establish CTEM processes to simulate real-world attack scenarios and assess organizational resilience.
• Coordinate with red/purple teams and threat modeling efforts to validate controls and identify gaps.
• Use CTEM insights to drive strategic improvements in detection, response, and hardening.
• Administer and optimize TVM, ASM, and CTEM platforms.
• Drive automation of scanning, reporting, and ticketing workflows, including integration with internal IT systems.
• Ensure scalability and efficiency of security operations through continuous improvement.
• Develop and deliver dashboards and executive reports on vulnerability trends, exposure levels, and progress of remediation.
• Track key performance indicators (KPIs) and risk reduction metrics to measure program effectiveness.
• Ensure alignment with regulatory frameworks in partnership with the GRC Team.
• Support audit and compliance efforts related to vulnerability and exposure management.

Benefits

• medical
• dental
• vision
• paid vacation
• 401k (up to 4% match)
• Health Savings Account (with company contribution)
• well-being program
• product purchase discounts