Specialist Cybersecurity Vulnerability Management

About The Position

Requirements

• Degree/diploma in Information Systems, Information Security, Engineering, or equivalent work experience.
• Minimum 6+ years of directly related work experience.
• Experience with Vulnerability Management technologies (i.e. – Tenable, Qualys, Rapid7).
• Solid understanding of the fundamentals of vulnerability management.
• Experience in security operations, networking, deployment and data analytics.
• Excellent analytical, problem solving, technical writing, verbal communication, and interpersonal skills.
• Excellent communication skills with the ability to interact with global teams and facilitate meaningful conversations in a group setting.
• Ability to work with a high level of independence.

Nice To Haves

• 10 or more years of related experience in IT roles, with a focus on security operations, networking, etc.
• IT security certifications (GCIH, CCSP, CISSP, SSCP, etc).
• SOAR, Power BI, APIs, Python, technology integration, or other similar automation experience and tools.

Responsibilities

• Independently oversee and coordinate the end-to-end vulnerability management lifecycle, including identification, analysis, prioritization, and reporting to key stakeholders and executives.
• Drive risk-based vulnerability prioritization by integrating asset criticality, threat intelligence, and business context to focus remediation efforts on the highest-impact exposures across the organization’s external attack surface, IT, and OT/ICS environments.
• Develop and maintain executive-level dashboards and reporting to communicate vulnerability risk posture, remediation progress, and program KPIs to senior leadership.
• Lead stakeholder meetings across IT and OT/ICS domains to provide recommendations and oversight on remediation strategies aligned with operational and business requirements.
• Extend vulnerability management practices across cloud, hybrid, and containerized environments, ensuring consistent identification and remediation of exposures across the full technology landscape.
• Build, improve, and maintain automation workflows that support vulnerability management operations, while proactively identifying and delivering new automation opportunities to enhance program efficiency, accuracy, and scalability.
• Provide guidance, direction, and oversight to managed service providers and other team members to ensure consistent, high-quality execution of vulnerability management operations.
• Drive continuous improvement across the department's technology stack, processes, and standard operating procedures by evaluating configurations, identifying enhancements, and ensuring thorough documentation.
• Leverage AI and advanced analytics to enhance vulnerability identification, prioritization, and remediation workflows, including identifying patterns, reducing false positives, and improving risk-based decision making.

Benefits

• A flexible benefits program that allows each employee to select the level of coverage needed for their family in the areas of health, dental, insurance and disability
• A paid maternity and parental leave benefit that offers up to 20 weeks of paid leave for birth-giving parents and up to 12 weeks for other eligible parents, providing flexibility and support during this important life event
• Valuable retirement savings plans, including a savings plan with company stock as an investment option
• Paid time off/vacation/sick, plus paid personal days off (depending on location), and paid holidays
• An Employee and Family Assistance Program
• A Wellness Program, which focuses on supporting healthier employees by providing tools, resources, and opportunities to improve physical, mental, social, and financial well-being
• Enbridge’s FlexWork (hybrid work model) offers eligible employees (Manager and below) the option to work from home on Wednesdays and Fridays, opt for a compressed workweek schedule, and have flexible start and end times.