CrawlJobs Logo

Vulnerability & Application Security Manager

sysco.com Logo

Sysco

Location Icon

Location:
United States , Houston

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a hands-on and strategic Vulnerability & Application Security Manager to lead and evolve our security posture across infrastructure and applications. This role is ideal for a technically proficient leader who thrives on solving complex security challenges, actively engages in day-to-day operations, and continuously identifies opportunities to mature and scale our security programs.

Job Responsibility:

  • Scanning, assessment, prioritization, remediation coordination, and tool management (e.g., Tenable, Wiz, Armis)
  • SDLC integration, SAST/DAST/SCA scans, threat modeling, secure coding collaboration, bug bounty management
  • Identifying gaps, implementing automation, improving processes, staying current with threats and technologies
  • Developing dashboards and tracking remediation progress, vulnerability trends, and risk posture
  • Ensuring adherence to OWASP, NIST, PCI-DSS, HIPAA, and other relevant frameworks
  • Mentoring staff, leading analysts/engineers, fostering growth and collaboration

Requirements:

  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field
  • 7+ years of experience in cybersecurity, with at least 2 years in a leadership role or vulnerability management
  • CISSP, CISM, OSCP, or GIAC, or equivalent
  • Strong knowledge of vulnerability management tools (e.g., Tenable, Wiz, Armis)
  • Proven hands-on experience with vulnerability management and application security tools and techniques
  • Familiarity with CVSS, MITRE ATT&CK, and threat modeling
  • Experience with cloud platforms (AWS, Azure, GCP) and container security
  • Excellent communication, analytical, and project management skills

Nice to have:

10+ years of experience in cybersecurity, with at least 4 years in a leadership role or vulnerability management

Additional Information:

Job Posted:
December 26, 2025

Employment Type:
Fulltime
Icon
Sysco - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Vulnerability & Application Security Manager

Vulnerability Management Security Engineer

As a Vulnerability Management Engineer, you will be a vital part of Adevinta's I...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • You have a hacker mindset, an open mindset, with technical skills and a passion for security
  • You have strong analytical and problem-solving skills, with the ability to synthesise complex data into actionable insights
  • You recognize the need for automation to handle problems at scale, and you can implement that automation
  • You are proficient in cloud operations, particularly in AWS but ideally also in GCP
  • You have excellent fundamental knowledge of network, protocol, system and application security, as well as of the industry-standard strategies and frameworks that apply
  • You have software development skills and database knowledge
  • You have excellent communication and interpersonal skills, with the ability to build relationships and influence others
  • You deal with problems by taking ownership and by collaborating with others
  • You are fluent in English (spoken and written)
  • You are comfortable in a multicultural environment
Job Responsibility
Job Responsibility
  • You will conduct and manage bug bounty programs, perform and manage penetration testing, and lead threat modelling sessions
  • You will automate internal flows for security data aggregation
  • You will integrate security tools by automated means
  • You will automate the handling of threat intelligence and environment data in order to enhance security controls
  • You will ensure our assets are properly reporting events to the SIEM, and support the definition of rules for generating alerts
  • You will support the other Infosec teams as a subject-matter expert
  • You will work in a hybrid remote/on-site environment, with the team physically spread across different geolocations (Adevinta’s hubs: Barcelona & Amsterdam)
  • You may be required to travel occasionally, mainly inside the EU, to our main hubs
  • You will have the possibility of being on-call
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • Fulltime
Read More
Arrow Right

Engineering Manager, Offensive Security & Vulnerability Management

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
Canada , Toronto
Salary
Salary:
161500.00 - 190000.00 CAD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security
  • 3+ years managing technical teams in Offensive Security, Red Teaming, or Vulnerability Management
  • Strong technical foundations in adversary simulation, threat modeling, and vulnerability lifecycle management
  • Strategic thinking, translating offensive findings and vuln data into business risk language and operational improvements
  • Experience building and scaling automated security validation (e.g. Purple teaming, attack simulation, continuous testing frameworks)
  • Operating in complex challenging environments and networks
  • Influence across functions and driving remediation outcomes without direct authority
Job Responsibility
Job Responsibility
  • Lead the Offensive Security team in planning and executing red team operations, internal penetration tests, and adversary emulation campaigns
  • Oversee the Vulnerability Management team responsible for running our bug bounty program as well as continuous discovery, triage, and remediation of vulnerabilities across infrastructure, applications, and cloud environments
  • Define and drive the strategy for Autonomic Security Operations, investing in automated testing and validation pipelines that codify security knowledge and detection coverage
  • Partner closely with engineering, product, threat intelligence and detection & response stakeholders to ensure controls are continuously tested and vulnerabilities are effectively surfaced
  • Build processes, tooling, and dashboards to track and communicate vulnerability and control assurance metrics to stakeholder and leadership
  • Contribute to long-term security planning by identifying control gaps, operational bottlenecks, and opportunities to scale security through automation
What we offer
What we offer
  • bonus opportunities
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Engineering Manager, Offensive Security & Vulnerability Management

Robinhood’s Security Operations team is seeking a strategic and technical Senior...
Location
Location
United States , Menlo Park
Salary
Salary:
217000.00 - 255000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security
  • 3+ years managing technical teams in Offensive Security, Red Teaming, or Vulnerability Management
  • Strong technical foundations in adversary simulation, threat modeling, and vulnerability lifecycle management
  • Strategic thinking, translating offensive findings and vuln data into business risk language and operational improvements
  • Experience building and scaling automated security validation (e.g. Purple teaming, attack simulation, continuous testing frameworks)
  • Operating in complex challenging environments and networks
  • Influence across functions and driving remediation outcomes without direct authority
Job Responsibility
Job Responsibility
  • Lead the Offensive Security team in planning and executing red team operations, internal penetration tests, and adversary emulation campaigns
  • Oversee the Vulnerability Management team responsible for running our bug bounty program as well as continuous discovery, triage, and remediation of vulnerabilities across infrastructure, applications, and cloud environments
  • Define and drive the strategy for Autonomic Security Operations, investing in automated testing and validation pipelines that codify security knowledge and detection coverage
  • Partner closely with engineering, product, threat intelligence and detection & response stakeholders to ensure controls are continuously tested and vulnerabilities are effectively surfaced
  • Build processes, tooling, and dashboards to track and communicate vulnerability and control assurance metrics to stakeholder and leadership
  • Contribute to long-term security planning by identifying control gaps, operational bottlenecks, and opportunities to scale security through automation
What we offer
What we offer
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet - a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right
New

Security and Application Security Engineer

Beacon Technologies is seeking a Security and Application Security Engineer. The...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
beacontechinc.com Logo
Beacon Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of five years of Information Security experience with at least two years of application-level security
  • Strong communication skills: ability to convey and document security guidelines, requirements, and coding best practices
  • Familiarity with Security Best Practices in common coding languages
  • Application Penetration Testing / API Security Testing
  • Software Development Life Cycle Design and Implementation
  • Static and Dynamic Application Testing Tools and Methods
  • Container and orchestration security (Kubernetes, Docker, Octopus, GitHub, etc.)
  • Familiarity with Application Security Testing Frameworks such as OWASP
  • Strong logical and analytical thinker
  • exceptional skills in security systems solutions
Job Responsibility
Job Responsibility
  • Operate as a liaison between the Security Team and the Development Teams
  • Preserve PCI and SOX Security Certification programs with a primary focus on ensuring compliance with the appropriate industry standards and security controls
  • Supporting incident response and architecture review whenever applications security expertise is needed
  • Integrating threat modeling practices into the SDLC
  • Work with other staff to perform periodic scans and evaluation of system security including areas such as patch management, penetration testing, vulnerability assessments, and other types of InfoSec-related tasks
  • Assist in identifying and communicating security exposures, information security incidents or non-compliance situations to IT management or the CISO as appropriate. Duties may also include collecting and documenting cyber security and incident response event data as necessary.
What we offer
What we offer
  • Career advancement opportunities
  • extensive training
  • excellent benefits including paying for health and dental premiums for salaried employees.
  • Fulltime
Read More
Arrow Right

Senior Backend Engineer (Golang) Security & Vulnerability Management

Endor Labs is on a mission to enhance developer productivity and accelerate open...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.endorlabs.com Logo
Endor Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in engineering with 6-8 years of experience building scalable backends for product/SaaS companies
  • At least 3-years experience in Golang programming with a focus on microservices/distributed architecture
  • Triaging, prioritizing and resolving vulnerabilities reported for containers and application-level dependencies, as well as solid knowledge of common standards in this space, e.g., CVE, CVSS, OVAL or PURL
  • Using two or more package managers of different ecosystems (e.g., Java/Maven, Node.js/npm or Debian/APT) for pulling and publishing artifacts, esp. in combination with company-internal registries, plus an understanding of their respective dependency specification formats, resolution algorithms and versioning conventions/formats
  • Practical experience in designing APIs with one or more frameworks (gRPC [preferred], ReST, GraphQL, Thrift, etc.)
  • Ability to build and design technical solutions from scratch and your code and documentation can be used as an example for coding best practices at Endor
  • Scalable Distributed System Experience - understand micro-services and domain-driven design, load balancing, horizontal/vertical scaling, and stateless architectures
  • Architecture - knowledge of data structures and a keen eye for building architectures that scale and extend easily for longevity
  • Apply data-driven techniques to evaluate and propose architectural choices
  • Ability to discuss tradeoffs between architecture’s choice to influence groups to move in the right direction
Job Responsibility
Job Responsibility
  • Architect and build the core backend infrastructure for SaaS products
  • Design, architect, and build features end-to-end while working closely with Product Management and the engineering team
  • Ensure scalability, reliability, and performance of systems
  • Drive innovation, make critical architectural decisions, and lead the implementation of cutting-edge technologies
  • Troubleshoot distributed systems and solve root causes.
  • Fulltime
Read More
Arrow Right

Vulnerability Management Response Lead

The Vulnerability Response Lead is a key role within the Vulnerability Managemen...
Location
Location
Poland
Salary
Salary:
Not provided
https://www.hsbc.com Logo
HSBC
Expiration Date
January 30, 2026
Flip Icon
Requirements
Requirements
  • Minimum of 3-5 years’ experience in working in IT Security or similar role
  • Experience of working in roles within Cyber Security Operations, Risk Management, and Governance, within a mid to large enterprise or equivalent organisation
  • Ability to understanding, apply, and improve elements of the Vulnerability Management Lifecycle and use multiple toolsets to convey information, obtain data, and make it meaningful to future plans
  • Lateral thinking and creative form to deploy expertise in the uplift of people skills, process identifications, and technological adjustments
  • Ability to recognise threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in HSBC
  • Ability to produce clear and concise reports for targeted audiences across internal and external stakeholders
  • Understanding and experience in the practical application and execution of Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms)
  • Vulnerability assessments, scoring and ratings and how they are applied
  • Patch Management
  • Business and architectural design, including controls analysis, process flows and data flows
Job Responsibility
Job Responsibility
  • Support the remediation efforts of newly discovered vulnerabilities, where the risk score is deemed critical and an immediate risk to HSBC
  • Monitor external threat feeds and Cyber Intelligence Threat Analysis to identify any newly reported external risks
  • Manage the documentation of FRTF and ITAG initiatives and providing / identifying expert advice & guidance on remediation approaches
  • Track and report of ITAG and FRTF initiatives, as well as producing closure reports for completed ITAG’s and FRTF’s
  • Follow operational processes and ensure that they provide the most streamlined and efficient method of operations, whilst identifying opportunities for improvement
  • Support thematic reviews to drive and systematic uplifts and enhancements to services that help protect the bank
  • Maintain operational documentation on what reports are available and how / where to access them
  • Conduct holistic reviews of the overall baseline security posture
  • Contribute to and inform requests from Regulators, Internal/ External Audit, and 2LOD challenges/ Papers
  • Support the commentary for routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs
What we offer
What we offer
  • Competitive salary
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
  • Fulltime
Read More
Arrow Right

Director of Application Security

Hewlett Packard Enterprise is seeking a Director of Application Security to defi...
Location
Location
United States
Salary
Salary:
164500.00 - 398500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in cybersecurity, with at least 5+ years leading an application security function
  • demonstrated experience working at an enterprise-level organization with large-scale systems, processes, or operations
  • proven success in building and scaling application security programs in large, complex technology environments
  • deep understanding of secure software development practices, DevSecOps, and CI/CD tooling
  • threat modeling, code analysis, and vulnerability management
  • OWASP Top 10, SANS Top 25, and modern application security risks
  • experience with risk management frameworks (NIST CSF, ISO 27001, etc.) and regulatory requirements (SOX, GDPR, HIPAA, etc.)
  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
  • CISSP, CSSLP, or other relevant security certifications preferred.
Job Responsibility
Job Responsibility
  • define and execute the enterprise application security strategy aligned with business objectives and regulatory requirements
  • build, mentor, and grow a high-performing Application Security team
  • act as a trusted security advisor to engineering and product executives
  • develop and mature programs for secure software development
  • establish policies, standards, and patterns to deliver secure products at scale
  • partner with engineering, DevOps, and cloud teams to embed security tooling into CI/CD pipelines
  • lead developer outreach efforts
  • engage with product management to incorporate security requirements into roadmaps
  • drive the integration of an application security risk register
  • measure and report on the maturity and effectiveness of the AppSec program using KPIs and KRIs
What we offer
What we offer
  • comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • investment in personal and professional development
  • programs catered to career growth
  • unconditional inclusion
  • flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Application Manager

The Application Manager is responsible for taking ownership of SaaS application ...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3-5 years of relevant experience
  • Experience in managing and implementing successful projects
  • Solid grasp of industry vulnerability ratings and classifications
  • Ability to take ownership and make technical decisions on a wide range of compliance and functional requirements
  • Skill in managing unexpected and urgent matters in a rapidly evolving environment
  • Experience with dependency management, change management, and audit/compliance requirements
  • Outstanding aptitude in task and deadline management
  • Demonstrated leadership skills, especially in circumstances when ‘leading without authority’ is required
  • Consistently demonstrates clear and concise written and verbal communication in English
  • Microsoft365 proficiency
Job Responsibility
Job Responsibility
  • Working with a team of Applications Development professionals to accomplish established goals and conduct personnel duties for team (e.g. performance evaluations, training and development, hiring and disciplinary actions) as well as act as an advisor or coach to mid-level developers and analysts
  • Leverage skills across multiple teams ensuring compliance with all Citi policies
  • Develop a sound familiarity with multiple information security domains and how they are implemented at Citi
  • Drive a wide range of tasks from scheduling vulnerability assessments and working with external parties to have all findings remediated, coordinating continuity of business testing, maintaining identity and access management best practices, and ensuring that AI/ML risk remains within Citi’s risk appetite
  • Utilize in-depth specialty knowledge of applications development to analyze complex problems/issues, provide evaluation of business processes, system processes, and industry standards, and make evaluative judgement
  • Contribute to planning, formulation of procedures, and process development, negotiating with external parties when necessary
  • Prioritize vulnerability remediation for internally hosted assets
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
What we offer
What we offer
  • Global Benefits
  • We bring the best to our people. We put our employees first and provide the best-in-class benefits they need to be well, live well and save well.
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Ireland Jobs Germany Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy