Senior Vulnerability Management Specialist

Glocomms is partnered with a dominating investment manager, with $10T+ in global assetts, strengthening their cyber security team. As a Senior Vulnerability Management Specialist, you will play a critical role in safeguarding our client's hybrid infrastructure by identifying, prioritizing, and managing vulnerabilities across our global environment. You will work at the forefront of cybersecurity, collaborating with cross-functional teams to reduce risk, improve security posture, and support the client's mission to protect client and enterprise assets. This is an exciting opportunity for a seasoned professional with a strong background in vulnerability management, penetration testing, and cloud security to join a high-impact, fast-paced team.

Key Responsibilities

• Monitor and assess vulnerabilities across the client's assets using advanced exposure assessment platforms as part of a Continuous Threat Exposure Management (CTEM) strategy.
• Collaborate with internal teams including SOC, Cyber Threat Intelligence, and Offensive Security to validate vulnerabilities, assess risk, and recommend mitigation strategies.
• Investigate false positives and evaluate requests for risk acceptance or risk rating adjustments.
• Define and enforce remediation SLAs, build-breaking policies, and other security guardrails.
• Respond rapidly to zero-day vulnerabilities by managing escalations, generating custom reports, and conducting in-depth investigations.
• Partner with engineering teams to optimize scanning tools and enhance visibility across platforms.
• Drive continuous improvement through automation, integration of disparate security data sources, and streamlined remediation workflows.
• Provide clear, actionable reporting and insights to stakeholders to support informed decision-making.

Qualifications

Required:

• Minimum of 5 years of experience in vulnerability management, penetration testing, or related cybersecurity roles.
• Bachelor's degree in a related field or equivalent combination of education and experience.
• Strong analytical and problem-solving skills with a proactive, solution-oriented mindset.
• Excellent communication and interpersonal skills, with the ability to influence stakeholders at all levels.
• Demonstrated ability to lead cross-functional initiatives independently.
• Experience with scripting and automation for security operations.

Preferred:

• Familiarity with tools such as Aqua, Palo Alto Prisma, Wiz, CrowdStrike, Tenable Nessus, or Qualys.
• Experience with vulnerability aggregators like Brinqa, Kenna, Vulcan, Dazz, or Avalor.
• Understanding of security frameworks and risk control methodologies.
• Experience working with internal or external audit teams.

This is a hybrid role (3 days onsite) out of the client's Dallas, Greater Philadelphia, or Charlotte offices. Sponsorship is not available for this role. If you are interested, please apply in directly!