Jobs · Washington

Manager - ASM Vulnerability Management - Patching

Deloitte · Seattle, WA · 2 days ago
Hybrid$135k–$265k/yrFull-time

Responsibilities

  • Managing exposure-based remediation and patching activities aligned to CTEM priorities
  • Leading vulnerability and patch management operations across infrastructure, middleware, and applications
  • Prioritizing remediation activities using threat intelligence, exploitability, attack paths, asset criticality, and exposure data
  • Supporting exception management, incident-driven response activities, and process improvements that reduce cyber risk
  • Developing client deliverables, contributing to proposals and points of view, and mentoring junior practitioners

Requirements

  • 10+ years of experience in information technology, information security, or both
  • Experience leading vulnerability management, patch management, or continuous threat exposure management remediation programs
  • Experience remediating vulnerabilities across Linux, Windows, middleware, and applications using tools such as BigFix, Microsoft Endpoint Configuration Manager, Red Hat Satellite, Windows Server Update Services, Tenable, Rapid7, or Qualys
  • Experience automating remediation workflows using PowerShell, Bash, Python, JavaScript Object Notation, Ansible, Terraform, or a combination of these
  • Experience using Information Technology Service Management or configuration management database platforms such as ServiceNow to coordinate remediation and report exposure reduction
  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, Information Technology, or a related field
  • Experience in a consulting environment or with a Big 4 firm
  • Experience with ServiceNow workflows, automation, or orchestration
  • Experience with frameworks such as the National Institute of Standards and Technology Cybersecurity Framework, Center for Internet Security, International Organization for Standardization 27001, or Cloud Security Alliance Cloud Controls Matrix
  • Experience supporting proposals, statements of work, or work orders

Similar jobs