Information Security Manager Vulnerability Management
(Remote U.S. Based)
We are seeking an experienced Information Security Manager to support enterprise security initiatives with a focus on vulnerability management, risk prioritization, and remediation tracking.
This role will be responsible for establishing and maintaining vulnerability baselines, coordinating remediation efforts, and improving overall vulnerability management processes. The ideal candidate brings strong experience in risk classification, reporting, and cross-functional coordination.
Key Responsibilities:
< data-start="905" data-end="960">
Vulnerability Management & Risk Prioritization- Review and analyze vulnerability data from scans, assessments, and security tools
- Establish and maintain a consolidated vulnerability baseline
- Define and manage remediation timelines aligned with risk levels
- Classify and prioritize vulnerabilities based on severity, exploitability, and business impact
- Ensure alignment with industry frameworks such as NIST
< data-start="1340" data-end="1373">
Remediation Coordination- Partner with system, server, and application owners to drive remediation efforts
- Communicate risk, expectations, and timelines clearly to stakeholders
- Track remediation progress and identify blockers or delays
- Escalate high-risk or overdue vulnerabilities as needed
< data-start="1657" data-end="1698">
Tracking, Reporting & Validation- Maintain ongoing tracking of vulnerability remediation status
- Produce regular status reports and dashboards
- Validate remediation actions through scan results and supporting evidence
- Ensure proper documentation of risk acceptance or exceptions
< data-start="1959" data-end="1987">
Program Improvement- Identify gaps in vulnerability management processes
- Recommend improvements aligned with governance standards and best practices
- Support continuous improvement of security operations and accountability
Required Qualifications:
- 8 years of experience in vulnerability inventory and baseline establishment
- 8 years of experience in risk classification and prioritization
- 8 years of experience tracking vulnerability remediation
- 8 years of experience producing status reports
- 8 years of experience validating remediation actions through scan results or supporting evidence
Additional Details:
- Location: 100% Remote (U.S. based candidates only)
- Schedule: Monday Friday, standard business hours
- Long-term contract engagement
Requirements:
- Must be authorized to work in the U.S. (U.S. Citizen or (no C2C or third-party arrangements)
Why This Role:
- Fully remote opportunity with nationwide candidate pool
- High-impact role supporting enterprise vulnerability management
- Opportunity to improve and influence security processes
Important Note:
Candidates should clearly reflect years of experience for each required skill on their resume to ensure accurate consideration.
Never miss an opportunity! Create an alert based on the job you applied for.
