Overview
Remote
$200,000 - $250,000
Full Time
Skills
Cyber Risk
Vulnerability management
CVSS
Vulnerability Scanning
Automation
Job Details
***Remote, but not allowed in the following states: Alaska, North Dakota, Nebraska, Hawaii, Oklahoma, Vermont, Maine, West Virginia, Wyoming, New Hampshire, Puerto Rico.***
A prestigious company is looking for a Manager, Cyber Risk Vulnerability. This manager will lead a team with a focus on vulnerability management and discovery, risk-based prioritization, cloud/on-prem vulnerability, CVSS, vulnerability scanning, automation, etc.
Responsibilities:
- Leads, coaches, and develops a team of engineers responsible for vulnerability discovery, assessment, risk-based prioritization, and remediation tracking across cloud, on-premises, and hybrid environments
- Envisions, defines, designs, builds, staffs, and delivers vulnerability management processes and capabilities
- Leads and supports the planning and execution of team goals and projects, including setting long-term strategy and making decisions about tools, technology, and staffing needs
- Partners closely with stakeholders across technology, including architecture, engineering, infrastructure, application development, and cyber risk management teams to facilitate vulnerability communications, support remediation activities, and provide continuous reporting. Collaborates with enterprise risk, compliance, and threat intelligence teams to ensure vulnerability management aligns with the organization's overall risk management strategy.
- Ensures all project deliverables meet high standards for accuracy, completeness, and impact, and are delivered on time to support team and organizational objectives
- Represents the vulnerability management program to senior leadership, delivering concise, risk-informed insights and recommendations
- Manages program metrics, reporting, and performance indicators to demonstrate business value, operational maturity, and continuous improvement
Qualifications
- 8+ years with Bachelor's degree
- 1+ years supervisory/management
- Industry certifications such as CISSP, GSEC, OSCP, or comparable security-related credentials are strongly preferred
- Proven experience managing enterprise-scale vulnerability management programs and tools
- Proven expertise in developing, mentoring, and retaining high-performing teams while fostering a mindful, inclusive, and trust-based team culture
- Demonstrated background in strategic planning, service/program development, capability assessment, and building strong narratives to drive decision-making and create change
- Deep understanding of risk-based vulnerability management. Knowledge of vulnerability scoring systems (CVSS), security benchmarks (CIS, NIST), and risk quantification techniques
- Proficiency in selecting, implementing, and managing vulnerability scanning tools (e.g., SAST, SCA, IAST, DAST, Network/Infrastructure, Cloud, etc.) across the technology stack
- Experience designing and implementing automation for vulnerability management processes using generative AI, agent-based systems, large language models (LLMs), or machine learning to improve efficiency, effectiveness, and scalability
- Skilled in analyzing business and technical requirements and translating them into effective solutions, technical plans, roadmaps, budgets, and proposals that support cyber program growth and align with cyber and organizational goals