Vulnerability & Cloud Security Program Manager
About the role
The Vulnerability & Cloud Security Program Manager leads the enterprise vulnerability management and cloud security posture management (CSPM) programs, ensuring timely identification, assessment, prioritization, and remediation of risks across on-premise, cloud, and application environments. This role leverages modern cloud security and vulnerability management platforms to monitor, analyze, and strengthen our security posture. You will collaborate closely with engineering, DevOps, and infrastructure teams to reduce risk exposure, support compliance obligations, and advance the organization’s overall security maturity.
Location: We are flexible on remote working from home, if you are located in the USA and reside in one of the following states - CA, CO, CT, FL, GA, IL, KS, ME, MA, MD, NJ, NC, NY, OR, TN, TX, VA, and WA. We have physical offices in Austin, TX and Tampa, FL, if you prefer a hybrid option.
What You’ll Be Doing
- Lead and operate the full vulnerability management and CSPM lifecycle, ensuring timely discovery, assessment, prioritization, and remediation.
- Administer and optimize our vulnerability management and CSPM platforms, including policies, integrations, reporting, and automation.
- Monitor cloud and infrastructure environments to identify misconfigurations, excessive permissions, and compliance drift, primarily in AWS.
- Partner with engineering and DevOps teams to drive remediation efforts, facilitate triage discussions, and provide technical guidance on complex issues.
- Align security practices with frameworks such as FedRAMP, NIST CSF, ISO 27001, and CIS Controls.
- Track and report key KPIs and risk metrics to leadership, including SLA compliance and vulnerability trends.
- Automate detection, remediation workflows, and tool integrations to enhance efficiency and expand security capabilities.
About You
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
- 5+ years of experience in vulnerability management and at least 2+ years in cloud security.
- Hands-on experience with CSPM tools, vulnerability detection platforms, and automation (Wiz, AWS Inspector, Nessus, OpenSCAP preferred).
- Strong understanding of AWS security best practices and cloud-native architectures.
- Familiarity with vulnerability scoring systems like CVSS and risk-based prioritization.
- Excellent communication, collaboration, and stakeholder management skills.
- Security certifications such as CISSP, AWS Security Specialty, or GIAC Cloud Security are a plus.
- Preferred knowledge of regulatory and compliance frameworks such as PCI DSS, HIPAA, SOX, FedRAMP.
About Us
NinjaOne automates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 40,000 customers. The NinjaOne automated endpoint management platform is proven to increase productivity, reduce security risk, and lower costs for IT teams and managed service providers. NinjaOne is obsessed with customer success and provides free and unlimited onboarding, training, and support. NinjaOne is #1 on G2 in endpoint management, patch management, remote monitoring and management, and mobile device management.
What You’ll Love
- A collaborative, kind, and curious community.
- Flexible full-time work that is hybrid remote.
- Comprehensive benefits package, including medical, dental, and vision insurance.
- 401(k) plan to help prepare for your financial future.
- Unlimited PTO to prioritize your work-life balance.
- Opportunity for growth and advancement.
Additional Information
- This position is NOT eligible for Visa sponsorship.
- Due to federal government security requirements associated with our FedRAMP-authorized environment, candidates must be U.S. citizens or lawful permanent residents.
- We are committed to providing an inclusive and diverse work environment.