Vulnerability Manager (Contract)
Tokio Marine HCC · Greater Houston · 6 days ago
ManagementFull-time
About the role
Lead the organization's vulnerability management program by identifying, assessing, prioritizing, and coordinating the remediation of security vulnerabilities across IT infrastructure, applications, and cloud environments. Improve the organization's security posture through continuous risk reduction.
Responsibilities
- Develop and manage the enterprise vulnerability management lifecycle, including scanning, assessment, reporting, and remediation tracking.
- Conduct regular vulnerability scans using Qualys or similar platforms.
- Analyze scan results, validate findings, and work with IT and development teams to prioritize and remediate vulnerabilities.
- Maintain an accurate inventory of assets and ensure proper coverage of vulnerability scanning tools.
- Collaborate with threat intelligence and incident response teams to assess exploitability and risk context.
- Track remediation efforts and provide regular status updates to leadership and stakeholders.
- Develop and maintain metrics and dashboards to measure program effectiveness and risk reduction.
- Stay current with emerging threats, vulnerabilities, and security advisories.
- Support compliance and audit activities related to vulnerability management.
- Provide guidance and training on secure configuration and patch management best practices.
Requirements
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
- Relevant certifications preferred: CISSP, OSCP, CEH, CompTIA Security+, or similar.
- Experience: 5+ years of experience in vulnerability management, security operations, or related cybersecurity roles.
- Experience with vulnerability management tools (e.g., Qualys, Akamai).
- Experience with ticketing systems (e.g., ServiceNow, Jira) and GRC platforms is a plus.
- Scripting or automation experience (e.g., Python, PowerShell).
- Experience with container and DevSecOps vulnerability management (e.g., Docker, Kubernetes, SCA tools).
Qualifications
- Strong knowledge of vulnerability scanning tools and techniques.
- Familiarity with Windows, Linux, networking, AWS, Azure, and web application security.
- Understanding of CVSS scoring, risk assessment methodologies, and remediation workflows.
- Strong communication and collaboration skills.
- Ability to manage multiple priorities in a fast-paced environment.