Lead Vulnerability Management Specialist


Malvern
USD160000 - USD180000
PR/571576_1765295271

Glocomms is partnered with a leading financial services organization seeking a Lead Vulnerability Management Specialist to strengthen its enterprise security posture. This role will drive the end-to-end vulnerability management program across hybrid infrastructure, including on-prem platforms, cloud environments (AWS, Azure), and poly-cloud deployments.

The specialist will oversee vulnerability identification, validation, and remediation, leveraging industry-leading tools such as Qualys, Tenable Nessus, Wiz, Prisma Cloud, and CrowdStrike Falcon. Responsibilities include managing the CVE lifecycle, addressing zero-day events, and implementing risk-based prioritization strategies to ensure timely remediation aligned with SLAs. The role will also enforce security hardening, guardrails, and build-breaking policies to maintain secure configurations across Windows, Linux, and Kubernetes environments.

Key duties involve:
  • Leading continuous threat exposure management (CTEM) and attack surface reduction initiatives.
  • Driving structured process improvements for consistency in remediation workflows and owner experience.
  • Collaborating closely with SOC, cyber defense, red team, and platform engineering groups to consolidate insights and improve enterprise-wide visibility.
  • Developing dashboards, custom reports, and remediation progress tracking for stakeholders.
  • Managing stakeholder communication and influencing multi-team initiatives to meet audit and compliance requirements.
  • Utilizing automation and scripting to streamline vulnerability assessments and remediation processes.

Key Qualifications:

  • 7+ years of experience in vulnerability management or related cybersecurity roles.
  • Strong understanding of CVE lifecycle, risk-based prioritization, and remediation SLAs.
  • Hands-on experience with vulnerability management tools (e.g., Qualys, Tenable Nessus, Wiz, Prisma Cloud, CrowdStrike Falcon).
  • Expertise in hybrid infrastructure, including on-prem systems and cloud platforms (AWS, Azure).
  • Familiarity with Windows, Linux, Kubernetes, and secure configuration management.
  • Proven ability to collaborate across SOC, engineering, and security teams.
  • Proficiency in automation and scripting for process improvement.
  • Knowledge of security frameworks and compliance requirements.
  • Excellent communication and stakeholder management skills.
  • Bachelor's degree in Computer Science or a related technical discipline or equivalent work experience is required; advanced degree preferred.

This is a hybrid role based in one of the following locations: Dallas-Fort Worth (DFW), Charlotte, or the Philadelphia Metro area. Candidates must be willing to work onsite three times per week at one of these locations and must be fully authorized to work in the United States without sponsorship.
