Tech Stack
AWS, Azure, Cloud, Cyber Security, Google Cloud Platform, Python, ServiceNow, Splunk
About the role
- Own Keeper’s enterprise vulnerability management strategy, governance, and SLAs across all environments
- Build scalable processes for vulnerability discovery, risk scoring, and remediation across multi-cloud and SaaS infrastructure
- Manage vulnerability scanning and asset discovery tools (e.g., Tenable.io) and ensure continuous coverage
- Correlate vulnerability data with threat intelligence and exploit activity to drive risk-based prioritization
- Partner with Engineering, DevOps, IT, and Cloud Operations to ensure timely remediation and SLA adherence
- Integrate vulnerability tracking and remediation into CI/CD and ticketing systems (e.g., Jira, ServiceNow, GitLab)
- Automate scanning, correlation, and reporting workflows using scripting and API integrations
- Develop dashboards and analytics to measure exposure trends and risk reduction progress
- Monitor zero-day vulnerabilities, CISA KEV bulletins, and exploit campaigns to guide proactive mitigation
- Ensure compliance alignment with frameworks such as FedRAMP, StateRAMP, SOC 2, ISO 27001, and NIST 800-53
- Communicate vulnerability insights and risk metrics to leadership and key stakeholders
- Mentor engineers and analysts, fostering a culture of precision, accountability, and continuous improvement
- Represent vulnerability management in executive briefings, audits, and public-sector engagements
Requirements
- 7+ years of experience in vulnerability management, security engineering, or cyber risk management
- Proven success managing enterprise-scale vulnerability programs across SaaS and public-sector environments
- Deep expertise in vulnerability scanning, CVE/CVSS scoring, exploit analysis, and risk prioritization
- Strong understanding of cloud environments (AWS, GCP, Azure) and modern application stacks
- Demonstrated ability to communicate technical risk clearly to both executive and non-technical stakeholders
- Solid grasp of relevant compliance frameworks: NIST SP 800-53, CIS Controls, ISO 27001, SOC 2, FedRAMP, StateRAMP
- Excellent problem-solving, organizational, and cross-functional collaboration skills
Preferred Qualifications
- Certifications such as CISSP, CISM, OSCP, or GIAC GCVS/GCFA
- Experience with automation, scripting, and data analytics (Python, PowerShell, API integration, Splunk, or Elastic dashboards)
- Background in security architecture, red teaming, or exploit development
- Familiarity with vulnerability disclosure programs and coordination with bug bounty platforms
- Experience developing and presenting vulnerability metrics to senior leadership or board-level stakeholders
- Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent experience
- Medical, Dental & Vision (inclusive of domestic partnerships)
- Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
- Voluntary Short/Long Term Disability Insurance
- 401K (Roth/Traditional)
- A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc.)
- Above market annual bonuses
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
vulnerability management, vulnerability scanning, CVE scoring, CVSS scoring, exploit analysis, risk prioritization, automation, scripting, data analytics, cloud environments
Soft skills
problem-solving, organizational skills, cross-functional collaboration, communication, mentoring, accountability, continuous improvement
Certifications
CISSP, CISM, OSCP, GIAC GCVS, GIAC GCFA