Vulnerability Management Technical Lead

About The Position

Requirements

• Bachelor's degree, preferably in Computer Science, Cybersecurity, or related field.
• 5–8 years of industry experience in cybersecurity, security engineering, vulnerability management, or IT operations.
• Experience with infrastructure and cloud hardening, vulnerability management, patching, configuration management, and cloud security.
• Strong understanding of vulnerability scanning tools, CVSS scoring, and common remediation workflows.
• Ability to lead technical discussions and drive outcomes across cross-functional teams.
• Familiarity with NIST CSF, CIS Controls, HIPAA, and PCI.
• Experience coordinating remediation for red team and pen test findings.
• Knowledge of cloud platforms (AWS, Azure, GCP) and cloud security.
• Experience with ServiceNow, or similar ticketing systems.
• Broad understanding of IT infrastructure, including networks, applications, databases, operating systems, backup, storage, and disaster recovery.
• Familiarity with information management practices, system development life cycle management, IT services management, agile and lean methodologies, infrastructure and operations, and EA and ITIL frameworks.
• Strong leadership skills with exceptional soft and interpersonal skills, including teamwork, facilitation, and negotiation.
• Highly collaborative and supportive of business and of its ideals and strategies.
• Highly innovative with aptitude for foresight, systems thinking and design thinking.
• Excellent analytical, planning and organizational skills.
• Excellent written, verbal, communication and presentation skills with the ability to articulate new ideas and concepts to technical and nontechnical audiences.
• Knowledge of PowerShell and Internal Query Language scripting is required, Kusto Query Language is a plus.
• Knowledge of and Microsoft Defender management is required; knowledge of Microsoft Sentinel is a plus.

Nice To Haves

• Experience in the healthcare industry is highly desired.
• Preferred certifications include CISM, CCSP, or relevant GIAC certifications are preferred.

Responsibilities

• Oversee technical execution of cybersecurity support and maintenance activities, including vulnerability remediation, penetration test and red team findings, vendor-reported issues, and configuration hardening efforts.
• Lead additional technical cybersecurity initiatives outside of vulnerability management, such as infrastructure and cloud security modernization, access hardening, endpoint security improvements, and secure configuration projects.
• Serve as the primary liaison between the CTO team and the Cybersecurity organization.
• Coordinate remediation and security modernization efforts across infrastructure, applications, cloud, SaaS, and hybrid environments.
• Partner with IT, Engineering, and Business stakeholders to define remediation plans, timelines, technical solutions, and success criteria.
• Ensure remediation tasks are completed within SLA, escalating blockers, and driving cross-functional accountability.
• Build and maintain dashboards and reporting that track remediation progress, SLA adherence, and aging findings.
• Provide regular updates to CTO and Cybersecurity leadership.
• Identify operational weaknesses and lead long-term hardening initiatives that strengthen enterprise security posture.
• Audit systems to identity security gaps as outlined on Lurie’s security policy.

Benefits

• For full time and part time employees who work 20 or more hours per week we offer a generous benefits package that includes:
• Medical, dental and vision insurance
• Employer paid group term life and disability
• Employer contribution toward Health Savings Account
• Flexible Spending Accounts
• Paid Time Off (PTO), Paid Holidays and Paid Parental Leave
• 403(b) with a 5% employer match
• Various voluntary benefits: Supplemental Life, AD&D and Disability
• Critical Illness, Accident and Hospital Indemnity coverage
• Tuition assistance
• Student loan servicing and support
• Adoption benefits
• Backup Childcare and Eldercare
• Employee Assistance Program, and other specialized behavioral health services and resources for employees and family members
• Discount on services at Lurie Children’s facilities
• Discount purchasing program