Senior Vulnerability Manager

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent practical experience.
• Experience in vulnerability management, security operations, detection engineering, systems administration, or a closely related cybersecurity function.
• Strong understanding of vulnerability management principles, including CVSS, exploitability, remediation validation, compensating controls, and risk-based prioritization.
• Experience with enterprise vulnerability scanning or exposure management platforms.
• Familiarity with operating systems, enterprise infrastructure, cloud environments, networking fundamentals, and common security architectures.
• Ability to analyze technical findings and communicate risk, remediation guidance, and prioritization decisions to technical and non-technical stakeholders.
• Demonstrated ability to coordinate across a broad range of teams and communicate credibly in high-visibility or time-sensitive situations.
• Experience using ticketing, workflow, or project management platforms to track remediation and exception handling.
• Strong analytical, organizational, and problem-solving skills.

Nice To Haves

• 5+ years of experience in vulnerability management or a closely related cybersecurity role, preferably in a large enterprise environment.
• Experience supporting executive-visible security initiatives, escalations, or high-priority remediation efforts.
• Experience operating within a Fortune 100 or similarly complex enterprise and working across centralized security functions and federated business units.
• Familiarity with cloud platforms such as Azure, AWS, or GCP.
• Experience correlating vulnerability data with threat intelligence, exploit telemetry, or security event data.
• Experience with scripting or automation using Python, PowerShell, Bash, or similar languages.
• Experience integrating vulnerability tooling with SIEM, SOAR, CMDB, ITSM, asset inventory, or ticketing systems.
• Knowledge of patch management, change management, remediation governance, and container or cloud workload vulnerability assessment.
• Relevant certifications such as Security+, CySA+, GSEC, CISSP, or similar.

Responsibilities

• Serve as a primary coordinator for vulnerability findings, risk assessments, and remediation efforts for “zero day” and actively exploited vulnerabilities.
• Manage high-visibility remediation taskings from central security functions, senior leadership, or strategic stakeholders, ensuring clear ownership, accountability, and follow-through.
• Operate and improve vulnerability management workflows across on-premises, cloud, hybrid, and endpoint environments.
• Perform vulnerability triage, validation, prioritization, and risk-based analysis using exploitability, asset criticality, exposure, compensating controls, and threat context.
• Partner with infrastructure, application, platform, and business teams to coordinate remediation activities and improve time-to-remediate for critical and high-risk findings.
• Translate technical risk into actionable guidance, executive-ready updates, and concise remediation narratives for stakeholders with varying levels of technical expertise.
• Help define and maintain severity, prioritization, remediation, and exception-handling standards, including service level objectives and escalation paths.
• Validate remediation through rescans, targeted testing, or review of supporting evidence, and improve data quality, reporting, and lifecycle tracking.
• Support reporting and metrics for program health, including remediation aging, SLA adherence, exception tracking, recurring exposure trends, and sensitive issue status.
• Identify opportunities to automate vulnerability intake, enrichment, ticketing, prioritization, reporting, and stakeholder notifications.
• Contribute to security policies, standards, and operational procedures related to patch governance, exposure management, and exception handling.

Benefits

• Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance
• 401(k) with Company match, tuition reimbursement, charitable donation matching
• Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave
• Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others
• Relocation assistance