Vulnerability & Cloud Security Program Manager
Based in the United States | Full-Time | Manager
Salary: 180,000 - 220,000 USD per year
Job Details
- Experience: 5+ years of experience in vulnerability management, with at least 2+ years focused on cloud security.
- Required Skills: AWS
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent practical experience.
- 5+ years of experience in vulnerability management, with at least 2+ years focused on cloud security.
- Hands-on experience with CSPM and vulnerability management tools such as Wiz, AWS Inspector, Nessus, or OpenSCAP.
- Strong knowledge of AWS security architecture, cloud-native environments, and infrastructure security best practices.
- Familiarity with vulnerability scoring systems (e.g., CVSS) and risk-based prioritization methodologies.
- Strong communication and stakeholder management skills, with the ability to collaborate across technical and non-technical teams.
- Relevant certifications such as CISSP, AWS Security Specialty, or GIAC Cloud Security are a plus.
- Knowledge of compliance frameworks including PCI DSS, HIPAA, SOX, or FedRAMP is highly desirable.
Responsibilities
- Lead and manage the end-to-end vulnerability management and cloud security posture management (CSPM) lifecycle, ensuring timely identification, prioritization, and remediation of risks across environments.
- Administer and optimize security tooling and platforms, including configuration, automation, reporting, integrations, and workflow improvements.
- Monitor cloud infrastructure (primarily AWS) to detect misconfigurations, excessive permissions, and compliance drift, ensuring continuous security posture improvement.
- Partner with engineering, DevOps, and infrastructure teams to coordinate remediation efforts, provide technical guidance, and resolve complex vulnerabilities.
- Align vulnerability and cloud security practices with regulatory and industry frameworks such as NIST CSF, ISO 27001, FedRAMP, and CIS Controls.
- Track, analyze, and report security KPIs and risk metrics, including vulnerability trends, remediation SLAs, and overall risk posture to leadership.
- Drive automation of detection, remediation, and security workflows to improve efficiency and scalability of security operations.