Vulnerability Lead

The Role:

We are seeking a highly experienced Vulnerability Lead to join the Cyber Security organization, reporting directly to the Head of PMO under the CISO.

This role combines deep domain expertise in Vulnerability Management with strong project leadership capabilities. The primary focus is to lead and mature the organization’s vulnerability management program, while also driving additional cross-functional security initiatives.

The ideal candidate brings hands-on experience in vulnerability lifecycle management, risk-based prioritization, and remediation at scale, along with the ability to operate across security, engineering, infrastructure, and product teams.

Responsibilities:

• Vulnerability Management Leadership
• Own and lead the organization’s Vulnerability Management program across cloud, infrastructure, SaaS, and application environments.
• Drive end-to-end vulnerability lifecycle: identification, assessment, prioritization, remediation, and validation.
• Implement and enforce risk-based prioritization aligned with business impact and threat intelligence.
• Define, track, and improve KPIs such as SLA adherence, remediation timelines, and exposure trends.
• Work closely with Security, DevOps, Infrastructure, and Engineering teams to ensure effective remediation at scale.
• Project & PMO Execution
• Lead and deliver additional cross-functional cyber security projects under the CISO organization.
• Define project scope, objectives, timelines, and success metrics aligned with security strategy.
• Manage execution, dependencies, risks, and stakeholder alignment across multiple initiatives.
• Prepare executive-level reporting and dashboards for the CISO and senior leadership.
• Strategy & Improvement
• Continuously improve vulnerability management processes, tooling, and governance.
• Support audits, compliance requirements, and security risk reporting.
• Act as a subject matter expert for vulnerability risk across the organization.

Required Qualifications:

• 3-5 years of experience in Vulnerability Management, cyber security operations, or related domains.
• Strong hands-on experience managing vulnerability lifecycle and remediation processes at scale.
• Proven experience working with vulnerability management tools (e.g., Qualys, Tenable, Rapid7, Wiz, Prisma Cloud).
• 3+ years of experience in project or program management within technology or security environments.
• Strong understanding of cloud, infrastructure, and application environments.
• Experience working cross-functionally with Security, DevOps, Engineering, and IT teams.
• Experience in risk-based prioritization and security risk management methodologies.
• Hands-on experience with project management tools such as Jira, Monday, Asana, or similar systems.
• Excellent communication skills with experience presenting to senior leadership.

Preferred Qualifications: 

• Experience working within a CISO organization or Security PMO.
• Background in SaaS, cloud infrastructure, or large-scale enterprise environments.
• Familiarity with regulatory frameworks (ISO 27001, SOC 2, NIST, etc.).
• Experience leading enterprise-wide security or risk reduction initiatives. BSc in Industrial Engineering, Computer Science, or a related field.