Strategy Manager, Vulnerability Management

About The Position

Requirements

• Minimum 5 years of progressive experience in vulnerability management, with 5+ years in a leadership role.
• Strong understanding of vulnerability management and enterprise security best practices.
• Ability to communicate complex security topics to executives and non-technical stakeholders.
• Deep familiarity with NIST CSF, ISO 27001, CIS Controls, and Zero Trust.
• Proven experience managing multiple security initiatives simultaneously.
• Bachelor’s degree in Computer Science, Information Systems, Security Management, or related field.
• Experience working in SaaS, cloud-native, or regulated global environments.
• Experience with e-discovery or litigation technology.
• Experience securing cloud-native applications and SaaS platforms.
• Strong automation experience in Python or PowerShell.
• Knowledge of Zero Trust principles and modern compliance frameworks.
• Excellent communication, detail‑orientation, and ability to lead complex programs.

Nice To Haves

• Certifications such as CISSP, CISM, GIAC, CCSP, AZ-500, SC-300.

Responsibilities

• Develop and execute enterprise vulnerability management strategies aligned with organizational objectives.
• Establish metrics, KPIs, and dashboards for reporting on program maturity and security posture.
• Champion a security‑by‑design mindset across engineering and business functions.
• Lead, mentor, and grow a multidisciplinary team across vulnerability management, enterprise security, and related functions.
• Drive operational excellence with structured processes, documentation, automation, and continuous improvement.
• Own program roadmaps, annual planning, staffing needs, and budget management.
• Partner with security operations, incident response, threat intelligence, identity security, cloud security, and GRC teams.
• Lead enterprise vulnerability management programs, ensuring timely remediation across infrastructure, SaaS, cloud, containers, and endpoint environments.
• Serve as Senior technical authority guiding vulnerability engineering across Kubernetes, cloud workloads, microservices, and corporate systems.
• Ensure security agents, detection tooling, and telemetry pipelines are fully operational and properly configured.
• Serve as trusted advisor to executives and business leaders on security risks and trade‑offs.
• Embed security into technology roadmaps, product lifecycles, enterprise architecture, and vendor management.
• Drive security awareness initiatives and training across the enterprise.

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)