GEICO

Senior Staff Security Engineer – Vulnerability Management

full-time

Location Type: Hybrid

Location: Chevy Chase, California, Maryland, United States

Salary

💰 $130,000 - $260,000 per year

About the role

  • Lead the full vulnerability lifecycle: discovery, validation, risk analysis, prioritization, and remediation measurement.
  • Use business context, knowledge of underlying systems, and threat intelligence to assess risk, identify true risk, and drive remediation.
  • Build integrations among scanning tools, asset inventory, CMDBs, ticketing, CI/CD, and monitoring pipelines to streamline workflows.
  • Evaluate, test, and implement emerging tools and technologies that advance VM automation and intelligence.
  • Design automation to reduce manual work, increase accuracy, and accelerate remediation.
  • Generate data‑driven insights that help teams understand, prioritize, and resolve vulnerabilities efficiently.
  • Collaborate with cloud, infrastructure, DevOps, and product engineering groups to integrate vulnerability management into pipelines and delivery workflows.
  • Work closely with risk, compliance, governance, and incident response teams to ensure alignment with organizational and regulatory standards.
  • Communicate vulnerability trends, risk implications, and remediation strategies to technical and non‑technical stakeholders.
  • Define KPIs, SLAs, dashboards, and reporting models to drive accountability and measurable vulnerability reduction.
  • Establish repeatable processes, playbooks, and workflows that ensure consistent VM operations across teams and environments.
  • Mentor junior and mid‑level engineers, offering guidance on advanced security concepts, engineering best practices, and career development.
  • Serve as a multiplier by elevating skillsets across teams through coaching, pairing, design reviews, and knowledge‑sharing.
  • Influence architecture and engineering leadership with clear communication, strong decision‑making, and the ability to simplify complex security issues.

Requirements

  • 8+ years of experience in cybersecurity or security engineering roles.
  • Deep expertise with vulnerability management tools, methodologies, and industry standards.
  • Hands-on experience with modern infrastructure, cloud services (AWS/Azure/GCP), container platforms, and operating systems.
  • Proficiency with a modern programming language (Python, Go, Java, etc.) and scripting for automation at scale.
  • Strong understanding of security architecture, networking, operating systems, identity, and cloud services.
  • Proven ability to lead, mentor, and inspire engineers across multiple teams.
  • Strong communication skills with the ability to influence senior stakeholders and translate complex risks into actionable guidance.
  • Hands-on experience implementing cybersecurity frameworks (e.g., NIST CSF).
  • Hands-on experience leading compliance initiatives to meet requirements such as PCI, SOX, NYDFS, etc.