You will be responsible for overseeing the enterprise-wide vulnerability management lifecycle, including identifying, assessing, prioritizing, and driving the remediation of security vulnerabilities across systems, applications, and infrastructure to reduce cyber risk exposure. This role requires strong technical skills, cross-functional coordination, and experience with vulnerability management tools and risk frameworks.
You will manage regular scans, penetration tests, and asset inventory mapping, ensuring full coverage and alignment with the organization’s risk tolerance and compliance requirements. You'll analyze and prioritize vulnerabilities using CVSS scores, exploitability, and asset criticality, while coordinating remediation efforts with IT and engineering teams. In addition, you will oversee tools such as Tenable and ensure integration with SIEMs, CMDBs, and ticketing systems. You’ll deliver key metrics and dashboards to senior management, support audits, define patch ownership across teams, and lead or guide the vulnerability management function. You will also participate in incident response, working with threat intelligence and red teams to address high-risk vulnerabilities.
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, or a related field
- At least 5+ years of experience in cybersecurity, with 2+ years focused on vulnerability management
- Strong knowledge of vulnerability scanning tools and security frameworks (CVSS, MITRE ATT&CK, NIST)
- Understanding of operating systems (Windows, Linux), networks, web applications, and cloud environments
- Experience managing cross-functional remediation projects
- Preferably with the following certifications - CISSP, CISM, OSCP, CEH, or similar
- ITIL and PMP certifications for project and process management
- Excellent communication and stakeholder engagement skills
- Strong analytical thinking and problem-solving ability
- Proven experience in managing multiple priorities and delivering under pressure
Only shortlisted candidates will be notified.