Vulnerability Management Manager

Overview

The Systems Manager, Vulnerability Management leads the Vulnerability Management team and drives measurable risk reduction across systems, Cloud, applications and operational technology (OT) and reports to the Director, Cybersecurity Operations while partnering closely with engineering, platform, operations, application security, cloud teams, and OT stakeholders to strengthen cloud security work tied to resource misconfigurations, advance application security through shift left and runtime security and build OT security vulnerability management capability from scratch by defining scope, intake, prioritization, remediation paths and verification, while ensuring rapid and well-coordinated response to emerging critical vulnerabilities and risks such as secrets leakage.

This role will modernize the vulnerability management program towards Continuous Threat Exposure Management (CTEM), by connecting vulnerabilities to real exposure and threat context and tracking outcomes that reflect risk reduction over time. Stakeholder management is a core responsibility, including socializing new programs, desired outcomes and operating models with engineering, platform, operations and security leadership and aligning ownership and expectations so remediation becomes predictable and measurable. You will also train and develop a team of about 9 by building repeatable operating routines, improving escalation and incident coordination, and creating skills roadmap across cloud security, application security, vulnerability workflows, runtime protection, and OT fundamentals, and you will help futureproof the capability by recruiting, onboarding, and developing additional vulnerability management talent as the program grows. In addition, the Systems Manager will participate in industry working groups and forums to collaborate with peers on CTEM and vulnerability management programs and processes.

Responsibilities

• Manage a team of about 9, coach performance and continuously build capabilities through hiring, skills plans and targeted training.
• Provide clear updates to leadership and partner teams, including project status, emerging issues and remediation progress for high severity items.
• Evolve beyond vulnerability patching by connecting vulnerabilities to exposure and threat context.
• Lead end to end intake, triage, prioritization and remediation coordination for system wide vulnerabilities.
• Identify and drive automation opportunities across scan orchestration, remediation ticketing, SLA tracking, and CI/CD pipeline integration to reduce manual effort and improve response time.
• Lead end-to-end tracking, risk assessment, and escalation for emerging critical vulnerabilities, including managing risk exceptions, proposing and documenting compensating controls and maintaining clear status updates.
• Partner with Cloud, platform and engineering stakeholders to reduce cloud risk misconfigurations. Triage findings by business impact, exploitability and exposure.
• Work with Application and Engineering Teams to prevent vulnerable code and insecure configurations earlier in the lifecycle. Ensure findings are triaged correctly, assigned owners, and tracked to SLA for remediation, with escalation when remediation is at risk.
• Drive effective Web Application Firewall operations, including rule tuning, validation and quality improvements.
• Coordinate response to runtime risks and findings discovered during execution.
• Stand up OT intake, scope, asset coverage, remediation paths and verification.
• Train internal partners on how OT findings are prioritized and handled.

Qualifications

• Bachelor's Degree and 8 years of relevant work experience. or
• Master's Degree and 6 years of relevant work experience.

• Master's Degree Majors preferred in IT, computer science, business administration, engineering or related. and 6 years of relevant work experience.

• 6+ years in vulnerability management, security operations, application security, system security, or a related field, with proven ownership of triage and remediation workflows, required.
• Proven people leadership experience, including coaching, performance management, hiring and skills development for technical teams, required.
• Strong cloud security fundamentals, especially reducing critical and high-risk resource misconfigurations with stakeholder partners, required.
• Strong application security fundamentals, including shift left and runtime risk management, required.
• Experience leading response for critical vulnerabilities and urgent events, including zero-day response, secrets leakage triage, escalation, containment and validation, required.
• Experience tracking vulnerability and remediation metrics and building dashboards to measure SLA performance, aging, risk reduction and trends over time, required.
• Ability to turn security strategy into measurable operations, including metrics and leadership reporting, required.
• Experience standing up new programs from scratch with clear scope, intake and success criteria, required.
• Experience with CTEM or equivalent exposure management models beyond patching metrics, preferred.
• Practical WAF experience, including rule tuning, validation and improving detection quality, preferred.
• OT environment experience, or strong ability to quickly build OT vulnerability management capability, preferred.
• Experience applying vulnerability management and remediation controls to regulatory and compliance requirements, such as NERC CIP for OT and critical infrastructure, preferred.
• Certifications such as CISSP, CISM, GIAC or equivalent, required.

• Driver's License Required
• Project Management Professional (PMP) Training and/or certification in Project Management is a plus. Preferred

• Sit or stand to answer a phone for the duration of the workday
• Sit or stand to use a keyboard, mouse, and computer for the duration of the workday
• Ability to read small print and symbols

• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
• Must be able and willing to travel within Company service territory, as needed.