Manager, Global Vulnerability Management
United States
Full Time
3 weeks ago
$163,000 - $244,400 USD
Visa Sponsor
Key skills
CloudPythonSQLDomoSnowflakeCI/CDLeadershipCommunicationCollaboration
About this role
Role Overview
- Lead, mentor, and develop a high-performing Global Vulnerability Management team, building technical depth, analytical rigor, and measurable security outcomes. Build team capabilities while setting a high bar for technical depth, analytical rigor, and measurable security outcomes.
- Own and improve the end-to-end vulnerability and exposure management lifecycle across diverse technology stacks, from discovery and validation through remediation and closure verification.
- Drive risk reduction by prioritizing the exposures that matter most using exploitability, asset criticality, threat intelligence, attacker tradecraft, and business context rather than severity scores alone.
- Perform and review technical analysis of vulnerabilities and exposures, including exploit research, validation, root cause analysis, compensating controls, and remediation recommendations.
- Partner with engineering, infrastructure, product security, governance/risk, security operations, incident response, and threat intelligence teams to drive remediation, improve accountability for risk treatment, and align priorities to active threats.
- Support security coverage across cloud, containers, CI/CD pipelines, internet-facing services, and application ecosystems, including areas where tooling is owned by adjacent teams.
- Drive automation and data operationalization across vulnerability ingestion, enrichment, prioritization, workflow orchestration, and reporting using Python, SQL, and platforms such as Domo and Snowflake.
- Deliver clear reporting to leadership on exposure trends, remediation progress, control gaps, and areas requiring escalation.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or equivalent practical experience; typically 8–10+ years in security engineering, vulnerability management, offensive security, detection engineering, infrastructure security, or related technical roles.
- Experience leading or managing a technical security team with accountability for both people leadership and delivery outcomes.
- Demonstrated ability to assess whether findings are truly exploitable or materially risky and translate that analysis into prioritized remediation plans.
- Strong hands-on background in vulnerability assessment, validation, remediation strategy, and security engineering across enterprise, cloud, and application environments.
- Deep knowledge of vulnerabilities and exposures across cloud, container, CI/CD, and software supply chain environments, including common exploitation patterns, risk considerations, and remediation approaches.
- Hands-on experience with vulnerability scanning platforms, security data integrations, engineering workflows, and the use of Python and SQL to automate and operationalize security data.
- Superb communication and collaboration skills, including the ability to challenge technical assumptions, partner with engineers, and escalate risk clearly when needed.
Tech Stack
- Cloud
- Python
- SQL
Benefits
- medical
- dental
- vision
- matching 401(k)
- paid time off
- wellness program
- coveted employee discounts for Sony products