
Associate Director – Global Vulnerability Management
IDEXX
full-time
Location Type: Hybrid
Location: Westbrook • Maine • New Hampshire • United States
Salary
💰 $160,000 - $190,000 per year
About the role
- Define and execute IDEXX’s global vulnerability management strategy, roadmap, and operating model aligned with NIST CSF, ISO 27001, and CIS Controls
- Advise the CISO on vulnerability posture, enterprise risk trends, and risk-reduction strategy
- Establish vulnerability lifecycle workflows from discovery through remediation validation, including escalation paths, exceptions, and governance
- Develop vulnerability management policies, standards, and remediation SLAs
- Define and track KPIs, KRIs, and program success metrics to measure effectiveness, velocity, and maturity
- Lead, mentor, and grow a global team of vulnerability management professionals, security engineers, and analysts
- Build sustainable organizational capabilities and a culture of continuous improvement and operational excellence
- Manage staffing, performance, career development, and vendor/partner relationships to support program scale and effectiveness
- Lead enterprise-wide vulnerability identification, assessment, prioritization, and remediation across infrastructure, applications, cloud (AWS, Azure, GCP), endpoints, containers, OT/IoT, manufacturing, and laboratory environments
- Establish risk-based prioritization models incorporating exploitability, threat intelligence, asset criticality, and environmental context
- Own and mature vulnerability management platforms (e.g., Tenable, Qualys, Rapid7, Wiz, Snyk) to ensure accuracy, coverage, and scalability
- Drive automation, cloud-native capabilities, CI/CD integration, and shift-left practices to improve remediation efficiency and developer enablement
- Integrate vulnerability data into orchestration platforms, ticketing systems, and security dashboards
- Partner with IT Operations, Cloud Infrastructure, Engineering, DevSecOps, and business technology leaders to embed remediation into enterprise workflows
- Assess and improve remediation capacity through training, tooling enhancements, and automation
- Develop and deliver operational, technical, and executive-level vulnerability reporting and dashboards
- Communicate vulnerability posture, trends, and recommendations to the CISO, security leadership, and governance forums
- Analyze vulnerability data to identify systemic issues, recurring patterns, and opportunities for proactive risk reduction.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field—or equivalent professional experience
- 7+ years of cybersecurity experience, including 5+ years leading enterprise vulnerability management programs
- Deep expertise deploying and operating vulnerability management platforms at scale (e.g., Tenable, Qualys, Rapid7, Wiz, Snyk)
- Strong knowledge of cloud security and cloud-native vulnerability management across AWS, Azure, and GCP
- Proven ability to build and mature vulnerability management programs, establishing processes, workflows, and operational cadence
- Demonstrated success partnering with IT Operations, Infrastructure, and Engineering teams to drive remediation outcomes
- Excellent communication skills with the ability to translate technical vulnerability data into business risk for executive and technical audiences.
Benefits
- Health / Dental / Vision Benefits
- Day-One 5% matching 401k
- Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
vulnerability management, risk management, cloud security, automation, CI/CD integration, data analysis, remediation strategies, KPI tracking, vulnerability lifecycle management, security reporting
Soft skills
leadership, mentoring, communication, collaboration, organizational skills, problem-solving, strategic thinking, continuous improvement, team development, stakeholder engagement
Certifications
Bachelor’s degree in Computer Science, Bachelor’s degree in Cybersecurity, Bachelor’s degree in Information Systems