Senior Consultant or Manager, Vulnerability Management - Cybersecurity

BDO-posted 14 days ago
Full-time • Mid Level
Hybrid
1,001-5,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

BDO is a firm built on a foundation of positive relationships with our people and our clients. Each day, our professionals provide exceptional service, helping clients with advice and insight they can trust. In turn, we offer an award-winning environment that fosters a people-first culture with a high priority on your personal and professional growth. BDO is seeking a seasoned professional to join our growing Cyber Security team as a Senior Consultant or Manager specializing in Vulnerability Management. In this role, you will play a critical part in helping our clients strengthen their security posture by identifying, assessing, and managing vulnerabilities across complex enterprise and cloud environments. If you are passionate about proactive risk mitigation, client advisory, and continuous improvement in vulnerability and patch management operations and want to work in a collaborative, innovative environment—this is the right opportunity for you.

  • Lead the design, implementation, and optimization of enterprise vulnerability management programs, ensuring alignment with industry standards and client security objectives.
  • Oversee the deployment and continuous tuning of automated vulnerability scanning tools to ensure comprehensive coverage and timely identification of security gaps.
  • Develop and refine custom enterprise security metrics and dashboards that provide clear visibility—from executive-level summaries to tactical, operational details—enabling informed decision-making.
  • Analyze complex enterprise environments to tailor patch management recommendations that align with the organization’s incremental security goals and operational realities.
  • Advise clients on improving their patch management operations, ensuring that security updates are applied efficiently and effectively without disrupting business operations.
  • Develop and maintain metrics tracking vulnerability remediation timelines and effectiveness, providing regular reporting to senior leadership and executives.
  • Collaborate closely with software development and DevOps teams to integrate security best practices into the software development lifecycle, ensuring vulnerabilities are addressed early and effectively.
  • Provide executive-level reporting on vulnerability trends, risk levels, and remediation progress to enhance organizational visibility and accountability.
  • Continuously assess and refine vulnerability and patch management processes to enhance efficiency, minimize downtime, and reduce risk exposure.
  • Stay current on emerging vulnerabilities, exploits, and technologies; contribute to continuous improvement across vulnerability management and related practices.
  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in vulnerability management, risk assessment, or cyber security consulting.
  • Strong understanding of vulnerability scanning tools and platforms (e.g., Qualys, Nessus, Rapid7, Tenable, InsightVM).
  • Familiarity with security frameworks such as NIST CSF, ISO 27001, CIS Controls, and related governance models.
  • Proven ability to communicate technical findings clearly to both technical and non-technical audiences.
  • Experience collaborating with cross-functional teams (SOC, DevSecOps, IR, and leadership).
  • Experience in a consulting environment or supporting a diverse portfolio of enterprise clients.
  • Experience with cloud platforms (Azure, AWS, GCP) and related vulnerability assessment methodologies.
  • Familiarity with DevSecOps practices, container security, and CI/CD pipeline scanning.
  • Experience developing or scripting automation for security operations (e.g., Python, PowerShell, KQL, or API integrations).
  • Understanding of compliance and reporting requirements in regulated industries (e.g., finance, healthcare, public sector).
  • CISSP, CISM, CRISC, or CISA.
  • GIAC GSLC, GCCC, or GVMS.
  • Microsoft SC-200, Azure Security Engineer Associate, AWS Security Specialty, or equivalent cloud certifications.
  • CompTIA Security+, CySA+, or CEH.
  • We pay for performance with competitive total cash compensation that recognizes and rewards your contribution.
  • We provide flexible benefits from day one, and a market leading personal time off policy.
  • We are committed to supporting your overall wellness beyond working hours and provide reimbursement for wellness initiatives that fit your lifestyle.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Cybersecurity Consultant Resume Examples
Cybersecurity Consultant Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service