Vulnerability Management Lead

RSM US LLP•Harrisburg, PA

About The Position

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. We are seeking a detail-oriented and analytical Vulnerability Management Lead to join our managed cybersecurity team. Managed Security Service Providers (MSSPs) act as vital partners in the ongoing battle against cyber threats for our clients. To excel in this environment, a Vulnerability Management Leader must move beyond simple scanning to provide proactive, risk-based strategies that ensure client resilience. The ideal candidate will possess strong critical thinking skills and a proactive approach to identifying, assessing, and mitigating vulnerabilities within clients’ systems and networks. Being able to convert technical data into Client-friendly prioritized business risk mitigation strategies. This role is essential in ensuring the security and integrity of our clients’ information assets and will involve collaboration with various teams to enhance their overall security posture.

Requirements

Experience: 6–10+ years in vulnerability management or cybersecurity leadership, ideally within an MSSP or global enterprise environment.
Technical Depth: Expert proficiency with enterprise tools such as Tenable, Qualys, Rapid7, and Wiz.
Risk Mindset: Deep understanding of risk management methodologies, CVSS scoring, and the MITRE ATT&CK framework.
Communication: Exceptional ability to communicate complex risk strategies to both technical teams and executive leadership.
Education Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field (Master's or MBA preferred for leadership roles).

Nice To Haves

Certifications: Preferred credentials include CISSP, CISM, or specialized cloud security certifications.

Responsibilities

Strategic Leadership: Develop and execute a comprehensive vulnerability management strategy that aligns with global business objectives and regulatory requirements.
Risk-Based Prioritization: Use advanced frameworks like Continuous Threat Exposure Management (CTEM) and Unified Vulnerability Management (UVM) to prioritize remediation based on business impact and actual exploitability.
Client Experience & Outcomes: Serve as a subject matter expert (SME) for clients, converting complex technical data into actionable insights and strategic recommendations.
Managed Service Excellence: Oversee the end-to-end vulnerability lifecycle—discovery, assessment, remediation, and verification—to ensure strict adherence to client SLAs and quality standards.
Program Maturity: Develop and track sophisticated metrics, including KPIs and KRIs, to demonstrate program effectiveness and drive continuous improvement.
Cross-Functional Collaboration: Partner with Incident Response, Threat Intelligence, Cyber Strategy, Security Operations, and Penetration Testing teams to provide a holistic view of the threat landscape.
Inter-Departmental Liaison: Act as the primary bridge between the Vulnerability Management pod and the Security Operations Center (SOC) to ensure seamless intelligence sharing.
Talent Mentorship: Actively coach and mentor a global team of vulnerability analysts and engineers, fostering a culture of Continuous Learning and professional growth.

Benefits

At RSM, we offer a competitive benefits and compensation package for all our people.
We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients.
Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume