Principal Security Vulnerability Manager

We are seeking a highly experienced and proactive Principal Security Vulnerability Manager to join our cybersecurity team. This role is responsible for identifying and mitigating potential vulnerabilities across network, system, and application environments. The ideal candidate will lead vulnerability and risk assessment initiatives, develop and recommend robust security enhancements, and collaborate cross-functionally with engineering, product, infrastructure, and architecture teams to ensure a secure technology ecosystem.
Key responsibilities include security consultation, penetration testing, forensic investigations, incident response planning and execution, and reviewing security posture across the Software Development Life Cycle (SDLC). You will work closely with stakeholders to ensure security-by-design principles are implemented, supported by clear documentation, recommendations, and presentations. A critical aspect of the role will also be the development and maintenance of KPIs and dashboards for vulnerability remediation tracking.
Key Responsibilities:

• Identify potential network, system, and application-level vulnerabilities.
• Develop and implement comprehensive mitigation strategies.
• Conduct security investigations and computer forensic analysis.
• Perform penetration testing and security-focused architecture reviews.
• Lead and support incident response planning and execution.
• Assess security vulnerabilities within the SDLC and collaborate with Engineering and Product teams to address risks early.
• Partner with architecture, infrastructure, and DevOps teams to analyze current security architecture and recommend improvements.
• Deliver presentations and reports on identified risks and proposed security enhancements to leadership.
• Design and review policies and procedures to strengthen the organization’s security posture.
• Evaluate and recommend configurations and tools including, but not limited to: secure remote access, web content filtering, endpoint security, data loss prevention, and email security.
• Build and maintain remediation dashboards and metrics using KPIs.
• Provide mentorship, guidance, and recommendations to teams and leadership.
• Ensure smooth transitions, implementations, and system migrations with strong documentation support.
• Drive vulnerability management programs across cloud, network, and containerized environments (e.g., Kubernetes clusters).