Job Description

Job Title: Director of Vulnerability Management II
Location: Remote

About Us:
Our client is committed to safeguarding your valuable assets through comprehensive cybersecurity strategies. Our client is currently looking for a skilled and driven Director of Vulnerability Management to become a key member of their team.

Key Responsibilities:

• Lead the company's Vulnerability Management program as the subject matter expert (SME) across a global technology infrastructure that includes both legacy systems and modern cloud environments.
• Develop and enforce enterprise-wide policies and technical standards focused on vulnerability management and secure configurations.
• Oversee the complete lifecycle of vulnerability remediation, including those identified through vulnerability scans, penetration tests, application scans, and responsible disclosure programs.
• Collaborate with Security and IT teams to assess the potential impacts of vulnerabilities and recommend security controls tailored to the organization's specific environment.
• Propose and implement strategies to manage and mitigate vulnerabilities, reducing risks to levels acceptable to senior management.
• Foster strong relationships with technical teams to ensure agile and effective vulnerability management practices, especially within cloud platforms.
• Understand and align with business needs to define security solutions that meet both security and business objectives.
• Act as an advocate for vulnerability management and cybersecurity, promoting awareness, best practices, and integration across various business units.
• Provide technical expertise, guidance, and support to team members in vulnerability assessments.
• Continuously improve and develop KPIs and metrics to measure the effectiveness of the vulnerability management program.
• Lead or participate in new projects as required.

Skills and Qualifications:

• Proven experience leading vulnerability management teams, with deep knowledge of security concepts and strategies and a track record of successful implementation.
• Hands-on experience with vulnerability management tools, with a strong technical understanding of assessing and identifying vulnerabilities across various operating systems, databases, and application servers.
• Excellent written and verbal communication skills, with the ability to collaborate effectively across all business functions.
• A strong ability to understand and communicate risk-related issues and technical challenges to various teams.
• Leadership skills that inspire and bring out the best in both direct reports and cross-functional teams.
• Over 6 years of experience in a vulnerability management role, with the ability to assess, prioritize, and drive remediation activities.
• Exceptional communication and interpersonal skills, capable of clearly articulating complex technical and business concepts to peers, IT leadership, and management.
• Expertise in reporting gaps in ways that highlight business risks and providing technical solutions for remediation to operations teams.
• Experience interacting with auditors and regulators, and working across hybrid cloud and on-premises infrastructures.
• Experience with large-scale vulnerability scanning technologies.
• Self-motivated with the ability to make independent decisions and the judgment to seek guidance when necessary.
• A solid understanding of the balance between risk and severity.
• Ability to work effectively in a diverse technology environment spanning multiple operating systems and architectures.
• Strong ability to build collaborative and open working relationships with technology and other stakeholders.
• In-depth understanding of security issues and risks at the enterprise, network, system/endpoint, and application levels.

Education & Experience:

• Bachelor's degree in Computer Science or a related field, or equivalent work experience.
• Typically, a minimum of ten years’ relevant experience in Information Technology.

Required Skills:

• Change Management/Configuration Management
• Vulnerability Scanning
• Information Security
• Leadership
• Controls and Compliance

Additional Skills:

• Understanding Business Requirements
• Metrics Development
• Self-Starter Attitude
• Database Management
• Excellent Written and Verbal Communication
• Subject Matter Expertise
• Remediation Processes
• Operations Management