DescriptionAbout the role The Vulnerability & Cloud Security Program Manager leads the enterprise vulnerability management and cloud security posture management (CSPM) programs, ensuring timely identification, assessment, prioritization, and remediation of risks across on-premise, cloud, and application environments. This role leverages modern cloud security and vulnerability management platforms to monitor, analyze, and strengthen our security posture. You will collaborate closely with engineering, DevOps, and infrastructure teams to reduce risk exposure, support compliance obligations, and advance the organization's overall security maturity.
Location - We are flexible on remote working from home, if you are located in the USA and reside in one of the following states -
CA, CO, CT, FL, GA, *IL, KS, ME, MA,
MD, NJ, NC, NY, OR, TN, TX, VA, and
WA We have physical offices in Austin, TX and Tampa, FL, if you prefer a hybrid option.
What You'll Be Doing - Lead and operate the full vulnerability management and CSPM lifecycle, ensuring timely discovery, assessment, prioritization, and remediation.
- Administer and optimize our vulnerability management and CSPM platforms, including policies, integrations, reporting, and automation.
- Monitor cloud and infrastructure environments to identify misconfigurations, excessive permissions, and compliance drift, primarily in AWS.
- Partner with engineering and DevOps teams to drive remediation efforts, facilitate triage discussions, and provide technical guidance on complex issues.
- Align security practices with frameworks such as FedRAMP, NIST CSF, ISO 27001, and CIS Controls.
- Track and report key KPIs and risk metrics to leadership, including SLA compliance and vulnerability trends.
- Automate detection, remediation workflows, and tool integrations to enhance efficiency and expand security capabilities
About You - Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
- 5+ years of experience in vulnerability management and at least 2+ years in cloud security.
- Hands-on experience with CSPM tools, vulnerability detection platforms, and automation (Wiz, AWS Inspector, Nessus, OpenSCAP preferred).
- Strong understanding of AWS security best practices and cloud-native architectures.
- Familiarity with vulnerability scoring systems like CVSS and risk-based prioritization.
- Excellent communication, collaboration, and stakeholder management skills.
- Security certifications such as CISSP, AWS Security Specialty, or GIAC Cloud Security are a plus.
- Preferred knowledge of regulatory and compliance frameworks such as PCI DSS, HIPAA, SOX, FedRAMP.
Starting pay for the successful applicant depends on a variety of job-related factors, including but not limited to location, market demands, experience, job-related knowledge, and skills. The benefits available for this position include medical, dental, vision, 401(k) plan, life insurance coverage and PTO. For roles based in California, Colorado, Maryland, New Jersey, or Washington the base salary hiring range for this position is$180,000 to $220,000 per year.
For roles based in New York, the base salary hiring range for this position is $180,000 to $220,000 per year.