It Security Manager

Overview

• Manage the enterprise vulnerability management program, ensuring identification, assessment, and remediation of vulnerabilities across systems and infrastructure.
• Collaborate with security and operations teams to align remediation efforts with organizational risk tolerance and compliance requirements.
• Design and govern program strategies, including patching schedules and maintenance plans to minimize business impact.
• Evaluate vulnerability criticality using risk-based frameworks and threat intelligence for informed decision-making.
• Coordinate emergency patching efforts for critical vulnerabilities, ensuring rapid deployment with minimal disruption.
• Document and maintain procedures, baselines, and reporting methods to support audits and program improvement.
• Provide detailed reporting on vulnerability trends, program KPIs, and risk exposure to technical teams and leadership.
• Ensure compliance with security frameworks such as NIST and CIS Controls through enforced patching standards.

Key Responsibilities & Duties

• Lead vulnerability assessments, prioritization, and remediation tracking across enterprise endpoints and cloud environments.
• Design phased rollout plans and maintenance schedules that align with security and compliance requirements.
• Coordinate patch deployment efforts, tracking status and enforcing remediation SLAs.
• Correlate scan findings with patch deployment status to identify coverage gaps and escalate high-risk exceptions.
• Perform advanced troubleshooting for complex vulnerabilities, collaborating with system administrators and engineering teams.
• Document vulnerability management procedures and reporting methods to support audits and continuous improvement.
• Develop and deliver detailed reporting on program KPIs and risk exposure to leadership.
• Ensure patch compliance standards align with organizational policies and security frameworks.

Job Requirements

• Bachelor's degree in IT, Computer Science, or related field, or equivalent experience.
• 3–5 years of experience in vulnerability management or related security roles.
• Proficiency with tools such as Tenable, Qualys, or Rapid7, and endpoint patch management platforms.
• Strong analytical, communication, and interpersonal skills to manage multiple priorities effectively.
• Experience with automated vulnerability management solutions and compliance reporting.
• Familiarity with security frameworks such as NIST CSF or ISO 27001.
• Relevant certifications such as CISSP, CISM, or CISA are preferred.
• Ability to obtain and maintain a Secret clearance; U.S. citizenship required.