Vulnerability Management Lead

About The Position

Requirements

• 5+ years in cybersecurity with 3+ years of hands-on vulnerability management ownership in hybrid on-prem/cloud environments.
• Deep operational expertise with enterprise vulnerability scanning platforms — credentialed scanning, policy tuning, coverage management, and integration with downstream workflows.
• Strong command of CVE/CVSS scoring, CISA KEV, exploit maturity indicators, and the ability to translate technical risk into business impact for non-technical stakeholders.
• Experience with CI/CD security tooling and supply chain risk management, including build pipeline security principles.
• Proven track record driving remediation accountability across engineering teams — you know how to get vulnerabilities closed, not just reported.
• Experience aligning VM programs to federal or defense compliance frameworks; CMMC, NIST SP 800-171, or NIST RMF experience strongly preferred.
• Metrics-driven: comfortable owning exposure reduction KPIs, SLA adherence, MTTR, and patch coverage dashboards.
• Clear, direct communicator — equally effective in a technical deep-dive and an executive briefing.
• Security clearance eligibility.

Nice To Haves

• Active Secret or TS clearance, or prior clearance history.
• Experience with AI-assisted vulnerability tooling, graph-based asset and exposure analysis, or automated enrichment pipelines.
• Experience with CI/CD pipeline security hardening platforms.
• Experience operating in classified or air-gapped environments.
• Scripting or automation experience (Python, PowerShell, or Bash) for scan orchestration, data normalization, API integrations, and reporting pipelines.
• Experience with container and cloud-native vulnerability management using CSP-native security tooling.
• Familiarity with NIST SP 800-218 (Secure Software Development Framework) and software supply chain security frameworks.
• Relevant certifications: CISSP, CySA+, GCSA, GCPN, Security+, or equivalent.

Responsibilities

• Own end-to-end vulnerability lifecycle: discovery, validation, prioritization, remediation tracking, exception management, and verification across cloud, on-prem, container, and embedded Linux environments.
• Operate and optimize enterprise vulnerability scanning platforms for continuous credentialed scanning across servers, endpoints, network devices, containers, and cloud assets; maintain coverage, schedules, and configuration audit policies.
• Integrate vulnerability scanning into CI/CD pipelines to harden build workflows, enforce least-privilege controls, and surface supply chain risks before they reach production.
• Leverage AI-assisted scanning and graph-based enrichment pipelines to accelerate triage, map lateral exposure paths, and prioritize findings by exploitability and mission impact.
• Correlate findings across tools to eliminate noise, reduce false positives, and surface the vulnerabilities that actually matter.
• Apply CVSS, CISA KEV, exploit maturity, and asset exposure context — including internet-facing systems, privileged access paths, and classified adjacency — to drive risk-based SLAs and remediation sequencing.
• Partner with software and platform engineering teams to drive timely remediation; own escalation paths for aging critical and high findings.
• Lead critical CVE response: rapid triage, impact assessment, containment guidance, and stakeholder communication for zero-days and actively exploited vulnerabilities.
• Govern exception management: risk acceptance with compensating controls, time-bound approvals, and periodic review cycles.
• Coordinate patching windows and change management across Windows, Linux, network devices, and cloud services.
• Align the VM program to CMMC Level 2/3 requirements; produce audit-ready evidence, POA&Ms, and control effectiveness documentation.
• Deliver executive and operational reporting: exposure trends, SLA performance, mean time to remediate, patch coverage, and remediation velocity.
• Support CMMC assessments and audits with clean, well-documented vulnerability data and remediation history.
• Maintain asset inventory hygiene and scan coverage metrics; ensure classified and sensitive system boundaries are respected in tooling and data handling.
• Build and mature automation for scan scheduling, finding enrichment, ticket creation, SLA tracking, and reporting — reducing manual overhead as the program scales.
• Define and refine VM policies, procedures, and playbooks including critical CVE response runbooks and patch cadence standards.
• Evaluate and recommend tooling improvements; drive integration across the vulnerability management and broader security stack.
• Mentor and support analysts as the team grows; run tabletop exercises for vulnerability and patching scenarios.

Benefits

• Comprehensive health insurance plans covering a range of services
• Saronic pays 100% of the premium for employees and 80% for dependents for medical insurance
• Coverage for routine dental check-ups, orthodontics, and vision care
• Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents for dental and vision insurance
• Generous PTO and Holidays
• Paid maternity and paternity leave
• Competitive Salary
• Opportunities for performance-based bonuses
• 401(k) plan with company match
• Equity options to give employees a stake in the company’s success
• Basic life insurance and short- and long-term disability coverage
• Discounted pet insurance options including 24/7 Telehealth helpline
• Free lunch benefit
• Unlimited free drinks and snacks in the office