Senior Manager (Security, Vulnerability Management) - 100k

My client is hiring for a senior manager under cyber security team to manage implementation of strong risk governance frameworks and cybersecurity standards within the organization.

Requirements

• Lead and manage infrastructure vulnerability scanning, configuration compliance (across platforms, databases, networks, and voice systems), penetration testing, application security assessments, and DevSecOps practices. This includes hiring, training, coaching, setting objectives, and evaluating performance.
• Oversee external service providers and product vendors to ensure service levels are defined, monitored, and achieved effectively.
• Supervise the remediation of identified vulnerabilities by prioritizing actions and ensuring resolution within agreed timelines.
• Monitor vulnerability intelligence to assess risks in relation to both internal systems and external threat landscapes.
• Ensure comprehensive coverage for vulnerability management services across applications (including DevSecOps) and infrastructure.
• Identify gaps in controls or processes and implement initiatives to enhance the effectiveness of vulnerability management services.
• Develop metrics, reports, and insights related to VM services for business and IT stakeholders.
• Take charge during critical or actively exploited vulnerabilities by leading response planning efforts and overseeing implementation strategies.

Responsibilities

• A degree in Computer Science, Information Security, or a related field.
• At least 12 years of relevant experience, including 5+ years specializing in Vulnerability Management across various disciplines with leadership responsibilities.
• Proven expertise in delivering Vulnerability Management services and implementing effective operating procedures.
• Strong analytical skills with a deep understanding of different types of vulnerabilities and their mechanisms.
• A customer-focused mindset with a commitment to delivering high-quality services.
• Exceptional interpersonal skills with the ability to collaborate effectively across teams and communicate complex concepts clearly.
• A disciplined approach paired with professional integrity and competence.
• Hands-on experience with technologies such as Vulnerability Assessment tools, DevSecOps practices, Penetration Testing methodologies, Secure Code Review processes, Attack Surface Management tools, and Red Team operations.
• Industry-recognized certifications such as CISSP or CISM are highly desirable.