Zoox

Senior Vulnerability Management Engineer

full-time

Location Type: Hybrid

Location: Foster City, California, United States

Salary

💰 $190,000 - $228,000 per year

About the role

  • Lead the Vulnerability Management Program: Strategically design, implement, and continuously mature the vulnerability scanning and management program across the enterprise, including on-premises infrastructure (servers, network devices), applications, containers, and complex cloud environments.
  • Automation and Engineering: Architect, develop, and maintain robust automation pipelines to integrate vulnerability scanners with cloud APIs, asset inventory, and orchestration tools, significantly reducing manual effort and improving data accuracy.
  • Cloud and Infrastructure Security Expertise: Serve as a subject matter expert for identifying, assessing, and remediating vulnerabilities specific to both cloud and on-premises services and configurations.
  • Risk Analysis and Prioritization: Continuously refine the risk-based prioritization methodology, ensuring the highest severity and most exploitable vulnerabilities are addressed first, collaborating closely with development and infrastructure teams.
  • Tool Management: Evaluate, deploy, configure, and maintain advanced vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7), ensuring optimal coverage, accuracy, and integration across the hybrid environment.
  • Mentorship and Documentation: Mentor junior team members, develop detailed technical documentation, and define best practices for vulnerability identification, reporting, and remediation.
  • Reporting and Metrics: Define, track, and present advanced security metrics (KPIs/KRIs) and management-level reports on the overall vulnerability posture, remediation trends, and program effectiveness.
  • Process Improvement: Drive measurable improvements in the mean time to detect (MTTD) and mean time to remediate (MTTR) vulnerabilities.

Requirements

  • 7+ years of progressive experience in Information Security, with at least 3 years dedicated to a senior/lead role in Vulnerability Management.
  • High-level proficiency in scripting for developing security automation, API integration, data manipulation, and building custom security and reporting tools.
  • Deep, hands-on experience securing large-scale cloud environments and traditional on-premises enterprise systems.
  • Expertise in administering and tuning enterprise-grade vulnerability scanning solutions (e.g., Tenable.io/Nessus, Qualys, Rapid7 Nexpose) across both cloud and on-premises assets.
  • Thorough understanding of vulnerability scoring standards (CVSS v3+) and the methodologies used to prioritize risks based on business context and threat intelligence.
  • Experience with CI/CD pipeline security, DevSecOps practices, and integrating security testing into the development lifecycle.
Applicant Tracking System Keywords

Hard Skills & Tools
vulnerability management, scripting, API integration, data manipulation, cloud security, on-premises security, vulnerability scanning, CI/CD pipeline security, DevSecOps, risk analysis
Soft Skills
leadership, mentorship, collaboration, communication, process improvement, documentation