Senior Manager, Vulnerability Management

About The Position

Requirements

• Minimum 12 years of experience, may have supervisory or management experience
• Minimum 5+ years in a technical leadership or management role overseeing vulnerability remediation or enterprise security operations.
• Demonstrated experience leading vulnerability management programs in data center or large enterprise environments.
• Must have extensive IT and cybersecurity experience, including vulnerability management, infrastructure security, or platform security operations.
• Hands-on experience with enterprise vulnerability scanning and assessment tools (e.g., Tenable, Nessus, or similar).
• Advanced technical knowledge of Windows Server and RedHat Enterprise Linux security and administration.
• Experience applying system hardening standards and security configuration baselines.
• Experience analyzing vulnerability data and prioritizing remediation using risk-based scoring methodologies.
• Experience coordinating cross-team remediation efforts across infrastructure, platform, and application teams.
• Experience developing technical and executive-level security reports and dashboards.
• Certification Required: active Certified Information Systems Security Professional (CISSP)
• U.S. Citizenship required; must be able to obtain and maintain a DHS Entry on Duty (EOD) clearance.

Nice To Haves

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
• Master’s degree in Cybersecurity, Information Assurance, or related field.
• Experience supporting federal or DHS environments with directive-driven vulnerability remediation requirements.
• Experience in multi-tenant data center or hybrid-cloud environments.
• Knowledge of database and API security risks and common vulnerability patterns (e.g., OWASP Top 10).
• Experience with automated compliance and configuration assessment tools.
• Experience managing vulnerability exception and remediation tracking programs.
• Strong familiarity with enterprise vulnerability KPIs such as Mean Time to Remediate (MTTR) and compliance scoring.
• Experience leading zero-day or critical vulnerability response efforts.
• Prior experience coordinating with ISSOs, security engineering, and operations teams.
• Project Management Professional (PMP) certification

Responsibilities

• Serve as primary technical lead for vulnerability management across Data Center GSS and tenant environments.
• Review and interpret federal vulnerability directives and alerts and translate them into actionable remediation requirements.
• Direct enterprise response to emerging threats and zero-day vulnerabilities, including impact assessments and coordinated remediation actions.
• Oversee asset risk classification and vulnerability tracking across multi-tenant systems.
• Ensure alignment with federal security mandates and system hardening standards and required remediation timelines.
• Lead analysis and validation of vulnerability scan results, including false-positive review and risk prioritization.
• Direct remediation strategies across Windows Server, RedHat Enterprise Linux (RHEL), hybrid cloud, database, and API platforms.
• Oversee vulnerability mitigation aligned to DISA STIGs and enterprise configuration baselines.
• Guide remediation planning where immediate fixes are not feasible, including mitigation strategies and risk documentation.
• Ensure teams apply risk-based prioritization and remediation sequencing.
• Lead recurring vulnerability remediation and status reviews with ISSOs and operations teams.
• Serve as senior technical liaison to system owners and tenant stakeholders regarding risk posture and compliance requirements.
• Coordinate across infrastructure, engineering, and platform teams to remove remediation blockers.
• Provide technical guidance and decision support during high-severity vulnerability and zero-day events.
• Direct development of executive dashboards and detailed technical vulnerability reports.
• Track and improve key metrics such as remediation timelines and compliance rates.
• Ensure accuracy and timeliness of high-priority vulnerability and threat reporting.
• Present vulnerability posture and remediation progress to leadership and customer stakeholders.