Hybrid Role in Philadelphia, PA; Dallas, TX; Charlotte, NC
A leading wealth management firm is seeking a Vulnerability Management Specialist to enhance and enforce security posture across the organization's systems and infrastructure. This individual will play a critical role in identifying, assessing, and remediating vulnerabilities across the enterprise, collaborating with security architects and SMEs, and ensuring compliance with industry security standards. The ideal candidate will have expertise in vulnerability management, risk mitigation, and security operations to drive proactive security strategies.
Key Responsibilities:
- Lead vulnerability assessments across a diverse range of systems and infrastructure, ensuring vulnerabilities are identified and addressed in a timely manner.
- Implement and optimize vulnerability scanning tools (e.g., Tenable Nessus, Qualys, Rapid7) to identify vulnerabilities, misconfigurations, and weak points in the environment.
- Develop and enforce vulnerability management policies, including risk prioritization, remediation strategies, and mitigation plans.
- Collaborate with Security Operations, Cyber Threat Intelligence, and Offensive Security teams to analyze vulnerabilities and coordinate response efforts.
- Manage remediation efforts by overseeing risk acceptance, risk rating adjustments, and remediation SLAs to ensure vulnerabilities are addressed per organizational security standards.
- Develop and implement strategies for reducing false positives in vulnerability scanning results and streamlining remediation workflows.
- Support internal and external audits, ensuring compliance with regulatory requirements and risk controls related to vulnerability management.
- Drive the vulnerability management lifecycle, ensuring vulnerabilities are prioritized, tracked, and remediated based on risk and business impact.
- Continuously enhance vulnerability management processes through automation, process improvement, and scripting to improve the overall security posture.
Required Qualifications:
- 5+ years' experience in vulnerability management with a strong understanding of vulnerability scanning, risk management, and remediation processes.
- Proficiency with vulnerability management tools such as Tenable Nessus, Qualys, Rapid7, and similar scanning solutions.
- Strong knowledge of security compliance frameworks and industry security standards (e.g., NIST, CIS, ISO).
- Experience in remediation ownership, risk control strategies, and risk-based prioritization of vulnerabilities.
- Familiarity with Security Operations Center (SOC) processes and incident response.
- Ability to work cross-functionally with security architects, SMEs, and engineering teams to implement effective security strategies.
- Strong problem-solving skills with an emphasis on continuous learning, process improvement, and automation.
- Experience in scripting and automation to enhance vulnerability management workflows and remediation processes.
- Knowledge of risk acceptance, risk rating adjustments, and time-sensitive escalations in a vulnerability management context.
- Certifications such as CISSP, CISM, or similar are preferred.
- Experience with large-scale vulnerability management in enterprise environments preferred.
Interested applicants should submit a clear and concise resume that includes first name, last name, and contact information in order to be considered. Unfortunately, visa sponsorship is unavailable at this time.
This is a full-time position; Glocomms is unable to accommodate candidates seeking C2C/C2H arrangements.
