Security Threat and Vulnerability Program Manager

About The Position

Requirements

• Bachelor’s or Associate’s Degree in a technical field (e.g., Cybersecurity, Computer Science, Information Technology). Equivalency: In lieu of a formal degree, 5 to 10 years of highly relevant professional work experience in information security may be substituted.
• Demonstrated experience working as a Threat Analyst or Vulnerability Management professional.
• Proficiency in scripting or programming languages, such as Python, to automate data analysis and data centralization tasks.
• Strong knowledge of threat centralization tools, security threats, and modern detection techniques.
• Ability to integrate, normalize, and correlate large volumes of disparate security data to identify complex patterns and trends.
• Experience utilizing and configuring enterprise vulnerability scanning and assessment tools.
• Proven capability to conduct data analysis to attribute cyber-attacks to specific threat actors and behaviors.

Nice To Haves

• Proven experience with advanced tools and security controls focused on proactive threat detection.
• Professional security certifications (e.g., CISSP, CISM, CEH, CompTIA Security+, or GIAC certifications such as GCIH/GCIA).
• Strong understanding of foundational network and web protocols, including TCP/IP, SSL/TLS, and HTTP.
• Familiarity with tracking threats and vulnerabilities within cloud infrastructure and hybrid environments (e.g., GCP, AWS, Azure).

Responsibilities

• Monitor, identify, consolidate, and report on technical security threats to the university network on a regular cadence.
• Develop predictive analytics strategies and risk-based security intelligence products to counter advanced threat actors and shifting challenges.
• Design and maintain comprehensive Third-Party Risk Management and Dark Web Cyber Threat Intelligence programs.
• Investigate security alerts, correlate indicators of compromise (IOCs), and perform software/malware analysis to determine impact and attacker methodology.
• Develop and tune security use cases within SIEM and logging environments for real-time threat detection.
• Coordinate vulnerability scanning, translate findings into actionable mitigation tasks, and provide strategic oversight to contractors.
• Convey complex technical analysis to senior leadership and collaborate with cross-functional IT teams to continually mature the cyber program.
• Collaborates extensively with cross-functional IT teams to continually mature a world-class cyber program, driving the uplift of sensory tools, detection tuning, and access to modern data sources.
• Regularly conveys complex technical analysis to senior leadership through clear investigation synopses, graphical attack depictions, and executive presentations.
• Ensures that technical vulnerabilities are translated into actionable mitigation tasks, directly supporting Georgetown University's mission to provide a secure and robust technological environment for its community.

Benefits

• medical, dental, vision, disability and life insurance
• retirement savings
• tuition assistance
• work-life balance benefits
• employee discounts
• an array of voluntary insurance options