Overview
Skills
Job Details
Position Overview:
We are seeking a highly organized and technically skilled Project Manager to support the Vulnerability Management (VM) team. This role will lead and coordinate daily operations for VM analysts, manage vulnerability-related reporting, and drive strategic initiatives to enhance data accuracy, stakeholder engagement, and threat response. The ideal candidate brings a hybrid background in cybersecurity operations, business intelligence, and public sector delivery. Experience with Rapid7, executive reporting, and NYC agency environments is strongly preferred.
Key Responsibilities:
Operational Coordination
· Facilitate the Daily Operations Call, guiding analyst workstreams and escalating risks or delays.
· Maintain and update the daily operations agenda and analyst assignments.
· Oversee daily intelligence reviews using tools like Feedly, CISA KEV/ICS, NIST, Mandiant, Shodan, and BleepingComputer.
· Monitor emerging threats and support triage of high-impact vulnerabilities.
Threat & Vulnerability Support
· Validate and enhance dashboards and analytics within Rapid7.
· Coordinate CVE tracking, vulnerability prioritization, and remediation workflows across agencies.
· Assist with scanner validation, safe release assessment, and impact analysis for code updates.
· Maintain trackers for CISA KEVs, End-of-Life (EOL) systems, and credential exposure cases.
Project Management & Reporting
· Lead or support vulnerability-related projects across public sector environments.
· Manage and deliver executive-level reports including weekly metrics, monthly status updates, and the quarterly CISO briefing deck.
· Develop presentations for escalations or executive overviews using data-driven insights.
· Act as a backup PM to ensure continuity of operations and deliverables.
Business Intelligence & Data Analytics
· Translate technical data into clear, actionable insights for executive audiences.
· Develop and manage dashboards using Tableau (including calculated fields, filters, storytelling).
· Conduct advanced data modeling using Excel (Power Query, pivot tables, lookups).
· Leverage data lakes or centralized reporting environments to ensure data accuracy and accessibility.
Agency & Stakeholder Engagement
· Serve as a liaison to NYC agencies, providing guidance on remediation activities and compliance expectations.
· Lead agency meetings, support CyHy onboarding, and manage stakeholder questions.
· Coordinate with stakeholders across IT governance structures to ensure effective communication and outcomes.
Strategic & Administrative Support
· Drive continuous improvement of reporting and operations processes with minimal supervision.
· Support asset lifecycle tracking, including vulnerability alignment with EOL notifications.
· Maintain documentation for proof of communications, vulnerability validation, and audit readiness.
Required Qualifications:
· 3–5+ years of experience in project management, cybersecurity operations, or vulnerability management
· Direct experience with Rapid7 InsightVM, CVSS scoring, asset classification, and remediation tracking
· Strong proficiency with Tableau, Excel (Power Query, pivot tables, formulas), and data storytelling
· Demonstrated business analysis and reporting skills, with ability to synthesize technical detail for leadership
· Familiarity with public sector environments; NYC agency experience strongly preferred
· Excellent communication skills (verbal, written, visual) and stakeholder management
· Self-starter with ability to manage shifting priorities in high-pressure environments
Preferred Qualifications:
· PMP, CAPM, or equivalent project management certification
· Rapid7 Administrator or vulnerability assessment certification
· Knowledge of CISA KEV, and government cybersecurity initiatives
· Understanding of NYC IT governance, compliance requirements, and inter-agency collaboration dynamics