Vulnerability Manager
PANTHERx Rare Pharmacy · Pittsburgh, PA · 1 wk ago
ManagementFull-time
Vulnerability Manager
Location: Pittsburgh, PA (Hybrid)
Classification: Exempt
Status: Full-Time
Reports to: Director, Information Security
Responsibilities
- Manages enterprise vulnerability scanning and assessment activities across networks, systems, cloud platforms, databases, applications, and endpoints.
- Evaluates vulnerability scan and penetration test results to determine business risk, exploitability, and remediation priorities.
- Captures and tracks remediation efforts and validates closure of vulnerabilities through rescanning and testing.
- Prepares reports, dashboards, and metrics for leadership on vulnerability trends, remediation progress, and overall risk posture.
- Maintains vulnerability management policies, standards, procedures, and service-level objectives (SLOs) for remediation.
- Supports compliance requirements and audits related to vulnerability management, patch management, and cybersecurity controls.
- Maintains awareness of emerging threats, vendor advisories, and security bulletins to identify vulnerabilities that may impact organizational assets.
- Continuously improves scanning coverage, risk scoring methodologies, and vulnerability management processes.
- Provides leadership, direction, and performance management for the Vulnerability Management team.
- Coaches, mentors, and develops team members to build technical expertise and support career growth.
- Establishes team goals, priorities, and workload management to ensure effective execution of vulnerability management activities.
- Identifies future staffing, capability, and resource needs to support the continued growth and maturity of the vulnerability management program.
Required Qualifications
- Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field.
- 5–7 years of experience in cybersecurity, vulnerability management, security operations, or related disciplines.
- Experience managing enterprise vulnerability management programs and coordinating remediation efforts across multiple technology teams.
- Demonstrated experience leading, mentoring, or supervising cybersecurity professionals and/or technical teams.
- Strong knowledge of vulnerability management methodologies and qualitative risk assessment practices.
- Experience with vulnerability management tools such as Rapid7, GitHub Advanced Security, or similar platforms.
- Knowledge of operating systems, Microsoft Azure, network technologies, and common security vulnerabilities.
- Strong analytical, project management, and stakeholder communication skills.
- Ability to translate technical findings into business risk and actionable remediation plans.
Preferred Qualifications
- CISSP, GSEC, GCIA, GCIH, CRISC, Security+, or other relevant cybersecurity certifications.