of SVP, Vulnerability Management & Cloud Security Posture Platform Engineering

About The Position

Requirements

• Hands-on experience running and engineering enterprise cybersecurity platforms, especially vulnerability management, scanning, asset discovery, cloud security posture, or cloud-native application protection platforms in large financial institutions.
• Strong operational discipline, including production support, incident response, change management, service health monitoring, vendor escalation, and lifecycle management.
• Strong engineering mindset, including automation, API integration, configuration management, repeatable deployment patterns, data quality improvement, and toil reduction.
• Strong understanding of vulnerability management operating models, including remediation tracking, SLA governance, exceptions, ownership validation, and major vulnerability response.
• Strong networking knowledge, including TCP/IP, routing, DNS, firewalls, proxies, load balancers, network segmentation, NAT, packet flows, latency, and reachability troubleshooting.
• Experience scanning and assessing diverse enterprise technologies, including servers, endpoints, network devices, databases, appliances, cloud assets, containers, and externally exposed systems.
• Knowledge of scanner architecture, agent health, network zones, scan routes, authenticated scanning, credential management, and scan troubleshooting.
• Experience with cloud environments, including AWS, Azure, and GCP, cloud connectors, IAM, APIs, and security control frameworks.
• Experience integrating cybersecurity platforms with CMDB, ticketing systems, reporting platforms, data pipelines, cloud platforms, vulnerability management systems, and enterprise dashboards.
• Strong understanding of access management, including SSO, MFA, RBAC, privileged access, service accounts, API tokens, and recertification.
• Programming and automation skills using Python, Go, Java, or similar.
• Ability to debug complex issues across platforms, agents, scanners, cloud connectors, APIs, data pipelines, identity systems, networks, firewalls, routing paths, and vendor services.
• Experience supporting audit, regulatory reporting, evidence retention, operational controls, and production change management.
• A mindset focused on automation, scalability, governance, resilience, and reducing operational friction.
• Experience with Kubernetes and container vulnerability management, including cluster visibility, container image assessment, runtime context, registry integrations, cloud-native asset inventory, and remediation workflows.
• Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
• 10-12 years of experience in information security or related technology experience required.

Nice To Haves

• Advanced degree preferred.
• Experience in the securities or financial services industry is a plus.
• Experience with the following tooling preferred: Qualys, Wiz.io, Lumeta, or similar vulnerability management, asset discovery, network visibility, and cloud security posture platforms.
• Experience operating or engineering cybersecurity platforms in FedRAMP-authorized or FedRAMP-aligned cloud environments.
• Familiarity with FedRAMP control expectations, evidence collection, vulnerability scanning requirements, continuous monitoring, access governance, and cloud security operations.

Responsibilities

• Own engineering and operational accountability for enterprise vulnerability management and cloud security posture management tooling.
• Run critical cybersecurity platforms day to day, including platform health, configuration, access, integrations, upgrades, onboarding, troubleshooting, vendor support, and production stability.
• Engineer platform improvements that increase reliability, scalability, coverage, automation, performance, data quality, and operational resilience.
• Manage platform configuration, tenant administration, access models, scanner and agent lifecycle, cloud connectors, onboarding standards, and service health.
• Support scanning across servers, endpoints, databases, network devices, appliances, cloud assets, containers, external-facing assets, and other enterprise technologies.
• Partner with network and infrastructure teams on scanner placement, network zones, routing, firewall rules, segmentation, latency, reachability, authenticated scanning, and scan troubleshooting.
• Drive asset discovery, inventory reconciliation, coverage reporting, ownership validation, and integration with CMDB and authoritative asset sources.
• Build and maintain automation, APIs, configuration management, dashboards, reporting workflows, and data pipeline integrations, including integrations that ingest asset, ownership, cloud, and configuration data from enterprise systems and publish vulnerability and posture data to downstream remediation, reporting, and risk platforms.
• Partner with vulnerability management teams to enable prioritization, remediation tracking, SLA governance, exception workflows, and major vulnerability response.
• Own platform monitoring, health checks, operational dashboards, incident response, vendor escalations, disaster recovery readiness, and business continuity procedures.
• Support SSO, RBAC, privileged access, service accounts, API tokens, access recertification, segregation of duties, audit evidence, and regulatory reporting.
• Troubleshoot complex issues across tools, agents, scanners, APIs, cloud connectors, networks, identity systems, data pipelines, vendor platforms, and downstream reporting consumers.
• Create dynamic engineering solutions using languages such as Python, Go, Java, or similar.
• Mentor engineers, improve runbooks and documentation, and raise the technical bar through hands-on platform expertise.

Benefits

• Keeps critical cybersecurity platforms stable, healthy, upgraded, monitored, documented, and supportable.
• Improves platform reliability, scan health, agent health, connector health, data quality, and operational visibility.
• Expands coverage across infrastructure, applications, business units, cloud accounts, containers, network devices, appliances, and external-facing assets.
• Enables reliable reporting, remediation tracking, SLA governance, audit evidence, and regulatory support.
• Reduces manual effort through automation, repeatable onboarding, self-service intake, standardized runbooks, and engineered controls.
• Strengthens access governance, platform controls, service ownership discipline, and production resilience.