Jobs · Information Technology · California

Senior Manager - ASM Vulnerability Management - Patching

Deloitte · San Diego, CA · 1 wk ago
HybridInformation Technology$163k–$322k/yrFull-time

Responsibilities

  • Managing exposure-based remediation and patching activities aligned to CTEM priorities
  • Leading vulnerability and patch management operations across infrastructure, middleware, and applications
  • Prioritizing remediation activities using threat intelligence, exploitability, attack paths, asset criticality, and exposure data
  • Supporting exception management, incident-driven response activities, and process improvements that reduce cyber risk
  • Developing client deliverables, contributing to proposals and points of view, and mentoring junior practitioners

Requirements

  • 10+ years of experience in information technology, information security, or both
  • Experience leading vulnerability management, patch management, or continuous threat exposure management remediation programs
  • Experience remediating vulnerabilities across Linux, Windows, middleware, and applications using tools such as BigFix, Microsoft Endpoint Configuration Manager, Red Hat Satellite, Windows Server Update Services, Tenable, Rapid7, or Qualys
  • Experience automating remediation workflows using PowerShell, Bash, Python, JavaScript Object Notation, Ansible, Terraform, or a combination of these
  • Experience using Information Technology Service Management or configuration management database platforms such as ServiceNow to coordinate remediation and report exposure reduction
  • Must be legally authorized to work in the United States without the need for employer sponsorship

Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, Information Technology, or a related field
  • Experience in a consulting environment or with a Big 4 firm
  • Experience with ServiceNow workflows, automation, or orchestration
  • Experience with frameworks such as the National Institute of Standards and Technology Cybersecurity Framework, Center for Internet Security, International Organization for Standardization 27001, or Cloud Security Alliance Cloud Controls Matrix

Similar jobs