CrawlJobs Logo

Vulnerability Management and Remediation Coordination Lead

United States 70.00 - 80.00 USD / Hour · Job Posted May 04, 2026
Apply Position
Job Link Share

Job Description

You will own the end-to-end coordination of vulnerability remediation across the agency — from pulling together the current vulnerability picture, through prioritising what matters, through working with system, server, and application owners to actually get things fixed, through evidence-backed closure. The role is NIST-aligned and sits at the intersection of security operations and engineering accountability.

Job Responsibility

  • Review existing vulnerability data from scans, assessments, and other security tools, and establish a consolidated baseline
  • Document a remediation timeline that reflects current risk posture and aging across the estate
  • Categorise and prioritise vulnerabilities by risk, severity, exploitability, and potential operational impact — aligned to NIST guidance
  • Validate that remediation timeframes match the agency's expectations for each risk level
  • Coordinate remediation with system, server, and application owners — communicating expectations, risk context, and timelines clearly
  • Track remediation progress and surface blockers, dependencies, and delays early
  • Escalate overdue, high-risk, or critical vulnerabilities to the appropriate governance or oversight bodies
  • Produce periodic status reports summarising remediation progress and outstanding risk
  • Validate remediation actions through available evidence — scan results and other supporting artifacts — and confirm closure in tracking systems
  • Where a vulnerability cannot be remediated within the required timeframe, document it formally with approved risk acceptance or exception paperwork
  • Identify process gaps, systemic issues, and control weaknesses, and recommend improvements aligned with NIST standards and agency governance

Requirements

  • 8+ years building vulnerability inventories and establishing consolidated baselines across a large estate
  • 8+ years running risk classification and prioritisation aligned to NIST guidance
  • 8+ years tracking vulnerability remediation end-to-end, including coordination with system and application owners
  • 8+ years producing executive-ready status reports on remediation progress and outstanding risk
  • Demonstrated track record validating remediation actions through scan evidence and other supporting artifacts

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Vulnerability Management and Remediation Coordination Lead

8 matching positions

Vulnerability Management Tech Lead

As a Vulnerability Management Tech Lead, you will provide senior technical leade...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A senior engineer with proven technical leadership in production security systems or closely related infrastructure services
  • An experienced systems thinker: you design resilient, observable and scalable architectures and can evaluate tradeoffs between reliability, cost and speed of delivery
  • Hands-on and fluent in implementing secure integration patterns, APIs, service-account architectures, CI/CD automation and production-grade orchestration
  • you write and review production code and automation confidently
  • Deeply versed in vulnerability management, detection engineering and incident response at scale: you understand scanning workflows, threat modelling, validation and remediation pipelines
  • Strong in cloud security and operations across public cloud environments and familiar with identity & access constructs, org-level guardrails and secure account architectures
  • Skilled at translating complex telemetry into detection logic and measurable detection KPIs
  • Experienced in partnership and influence: you can drive technical change across multiple teams, present complex technical tradeoffs clearly, and gain alignment without direct authority
  • A mentor who raises the bar for delivery quality through design reviews, documentation and reusable engineering patterns
  • Metrics-driven and comfortable owning technical success criteria, dashboards and SLAs for operational systems
Job Responsibility
Job Responsibility
  • Define and evolve the technical vision and architecture for the VMS, translating product and security strategy into a coherent, scalable engineering roadmap
  • Design and deliver complex integration and automation patterns across the vulnerability ecosystem, including secure API designs, reusable service-account and credential patterns, resilient CI/CD pipelines, canonical data schemas and platform observability
  • Operate and improve the VMS end-to-end: maintain asset inventories, author and maintain automations for ingestion and remediation, coordinate validations and retests, tune detection and triage flows, and produce operational runbooks and SLAs that ensure reliability
  • Lead high-impact technical initiatives and remove technical roadblocks for the team
  • Plan, execute and evaluate internal penetration tests and red-team exercises — defining scope and success criteria, performing senior-level assessments to validate controls and detection/response, driving root-cause analysis into durable remediations with clear verification criteria, and mentoring engineers to improve testing and response
  • Act as the technical authority on complex vulnerability investigations, threat modelling, countermeasure validation and red-team exercises, providing senior-level analysis and remediation guidance
  • Mentor and coach engineers — raising technical standards through design reviews, code review feedback, shared libraries and platform patterns — while contributing significant hands-on code and automation
  • Own the technical approach to telemetry and detection engineering: define data contracts, ensure event quality, guide detection rule design and measure detection efficacy
  • Perform vendor and platform evaluations from a technical perspective: define evaluation criteria, run proof-of-concepts, validate operational fit and advise procurement with technical recommendations
  • Define the VMS measurement model and lead technical efforts that deliver high-quality dashboards and signals (coverage, time-at-risk, remediation MTTR, noise, detection quality) used by security leadership
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • Fulltime
Read More
Arrow Right

Vulnerability Management Tech Lead

As a Vulnerability Management Tech Lead, you will provide senior technical leade...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A senior engineer with proven technical leadership in production security systems or closely related infrastructure services
  • An experienced systems thinker: you design resilient, observable and scalable architectures and can evaluate tradeoffs between reliability, cost and speed of delivery
  • Hands-on and fluent in implementing secure integration patterns, APIs, service-account architectures, CI/CD automation and production-grade orchestration
  • you write and review production code and automation confidently
  • Deeply versed in vulnerability management, detection engineering and incident response at scale: you understand scanning workflows, threat modelling, validation and remediation pipelines
  • Strong in cloud security and operations across public cloud environments and familiar with identity & access constructs, org-level guardrails and secure account architectures
  • Skilled at translating complex telemetry into detection logic and measurable detection KPIs
  • Experienced in partnership and influence: you can drive technical change across multiple teams, present complex technical tradeoffs clearly, and gain alignment without direct authority
  • A mentor who raises the bar for delivery quality through design reviews, documentation and reusable engineering patterns
  • Metrics-driven and comfortable owning technical success criteria, dashboards and SLAs for operational systems
Job Responsibility
Job Responsibility
  • Define and evolve the technical vision and architecture for the VMS, translating product and security strategy into a coherent, scalable engineering roadmap
  • Design and deliver complex integration and automation patterns across the vulnerability ecosystem, including secure API designs, reusable service-account and credential patterns, resilient CI/CD pipelines, canonical data schemas and platform observability
  • Operate and improve the VMS end-to-end: maintain asset inventories, author and maintain automations for ingestion and remediation, coordinate validations and retests, tune detection and triage flows, and produce operational runbooks and SLAs that ensure reliability
  • Lead high-impact technical initiatives and remove technical roadblocks for the team
  • Plan, execute and evaluate internal penetration tests and red-team exercises — defining scope and success criteria, performing senior-level assessments to validate controls and detection/response, driving root-cause analysis into durable remediations with clear verification criteria, and mentoring engineers to improve testing and response
  • Act as the technical authority on complex vulnerability investigations, threat modelling, countermeasure validation and red-team exercises, providing senior-level analysis and remediation guidance
  • Mentor and coach engineers — raising technical standards through design reviews, code review feedback, shared libraries and platform patterns — while contributing significant hands-on code and automation
  • Own the technical approach to telemetry and detection engineering: define data contracts, ensure event quality, guide detection rule design and measure detection efficacy
  • Perform vendor and platform evaluations from a technical perspective: define evaluation criteria, run proof-of-concepts, validate operational fit and advise procurement with technical recommendations
  • Define the VMS measurement model and lead technical efforts that deliver high-quality dashboards and signals (coverage, time-at-risk, remediation MTTR, noise, detection quality) used by security leadership
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • A range of locally relevant benefits
  • Fulltime
Read More
Arrow Right

Vulnerability Management Tech Lead

As a Vulnerability Management Tech Lead, you will provide senior technical leade...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
adevinta.com Logo
Adevinta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A senior engineer with proven technical leadership in production security systems or closely related infrastructure services
  • An experienced systems thinker: you design resilient, observable and scalable architectures and can evaluate tradeoffs between reliability, cost and speed of delivery
  • Hands-on and fluent in implementing secure integration patterns, APIs, service-account architectures, CI/CD automation and production-grade orchestration
  • you write and review production code and automation confidently
  • Deeply versed in vulnerability management, detection engineering and incident response at scale: you understand scanning workflows, threat modelling, validation and remediation pipelines
  • Strong in cloud security and operations across public cloud environments and familiar with identity & access constructs, org-level guardrails and secure account architectures
  • Skilled at translating complex telemetry into detection logic and measurable detection KPIs
  • Experienced in partnership and influence: you can drive technical change across multiple teams, present complex technical tradeoffs clearly, and gain alignment without direct authority
  • A mentor who raises the bar for delivery quality through design reviews, documentation and reusable engineering patterns
  • Metrics-driven and comfortable owning technical success criteria, dashboards and SLAs for operational systems
Job Responsibility
Job Responsibility
  • Define and evolve the technical vision and architecture for the VMS, translating product and security strategy into a coherent, scalable engineering roadmap
  • Design and deliver complex integration and automation patterns across the vulnerability ecosystem, including secure API designs, reusable service-account and credential patterns, resilient CI/CD pipelines, canonical data schemas and platform observability
  • Operate and improve the VMS end-to-end: maintain asset inventories, author and maintain automations for ingestion and remediation, coordinate validations and retests, tune detection and triage flows, and produce operational runbooks and SLAs that ensure reliability
  • Lead high-impact technical initiatives and remove technical roadblocks for the team
  • Plan, execute and evaluate internal penetration tests and red-team exercises — defining scope and success criteria, performing senior-level assessments to validate controls and detection/response, driving root-cause analysis into durable remediations with clear verification criteria, and mentoring engineers to improve testing and response
  • Act as the technical authority on complex vulnerability investigations, threat modelling, countermeasure validation and red-team exercises, providing senior-level analysis and remediation guidance
  • Mentor and coach engineers — raising technical standards through design reviews, code review feedback, shared libraries and platform patterns — while contributing significant hands-on code and automation
  • Own the technical approach to telemetry and detection engineering: define data contracts, ensure event quality, guide detection rule design and measure detection efficacy
  • Perform vendor and platform evaluations from a technical perspective: define evaluation criteria, run proof-of-concepts, validate operational fit and advise procurement with technical recommendations
  • Define the VMS measurement model and lead technical efforts that deliver high-quality dashboards and signals (coverage, time-at-risk, remediation MTTR, noise, detection quality) used by security leadership
What we offer
What we offer
  • An attractive Base Salary
  • Participation in our Short Term Incentive plan (annual bonus)
  • Work From Anywhere: Enjoy up to 20 days a year of working from anywhere
  • A 24/7 Employee Assistance Program for you and your family
  • A range of locally relevant benefits
  • Fulltime
Read More
Arrow Right

Vulnerability Management Technical Project Lead

The Tech Lead/ServiceLine Lead will be responsible for the operational, organisa...
Location
Location
India , Noida
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Total Experience Expected: 08-10 years
  • Bachelor's degree or Master's in Computer Science, Engineering, or related field
  • Proven leadership experience
  • Strong people management and client‑facing governance skills
  • Executive communication (FR/EN written & verbal reporting
  • Crisis management & escalation handling for P0/P1 situations
  • Data‑driven decision making using KPIs, dashboards, and trends
  • Continuous improvement & automation mindset
  • Proficiency in ServiceNow SECOPS (certification preferred), vulnerability detection and monitoring tools (Microsoft Defender for Endpoint EDR/XDR, WIZ, NESSUS PRO, Dynatrace), CMDB, VISIT, reporting tools (PowerBI, PowerPoint), and adherence to security standards and Client SLAs is required
Job Responsibility
Job Responsibility
  • Monitoring of critical P0 / P1 vulnerabilities
  • Steering CTI incidentology
  • Execution and governance of COD controls
  • Organisation of committees and reporting
  • Operational management and team skill development
  • Contribution to process, tool, and KPI optimisation
  • Promptly responding to P0/P1 vulnerabilities, including identification, assessment, patching, documentation, and development of remediation plans when patching is not possible
  • Coordinate and oversee P0 vulnerability follow-up meetings, communicate updates and remediation progress, escalate unresolved issues, and ensure compliance with established deadlines
  • To attend, present & track regular meetings and committee sessions with vulnerability status, track remediation efforts, report key performance indicators, and coordinate with divisions on security tools and control enhancements
  • Oversees the execution, analysis, and remediation of six COD controls, ensuring effective risk reduction and planning for additional controls to further mitigate cyber threats
  • Fulltime
Read More
Arrow Right

Vulnerability Management Analyst

The Vulnerability Management Analyst is responsible for supporting and advancing...
Location
Location
United States
Salary
Salary:
85000.00 - 100000.00 USD / Year
radancy.com Logo
Radancy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience in vulnerability management, GRC, security operations, or a related cybersecurity function.
  • Experience supporting vulnerability management in cloud and modern application environments.
  • Experience working with vulnerability and security tooling.
  • Strong understanding of vulnerability remediation, risk prioritization, compensating controls, exception handling, and escalation practices.
  • Ability to translate technical findings into business risk and remediation priorities for both technical and non-technical stakeholders.
  • Demonstrated experience coordinating across engineering, product, and management teams.
  • Strong analytical, organizational, and facilitation skills.
  • Excellent written and verbal communication skills.
Job Responsibility
Job Responsibility
  • Lead recurring vulnerability management roundtables with product engineering and IT departments.
  • Prepare and present prioritized vulnerability reviews for monthly meetings, driving clear remediation priorities for the next review cycle, focus teams on the highest risk vulnerabilities first.
  • Apply risk-based prioritization. Evaluate exploitability, exposure, and business impact to determine severity.
  • Promote remediation efforts that reduce risk across multiple teams or systems.
  • Track critical and high-risk findings against remediation timelines. Surface items nearing or exceeding SLA commitments.
  • Ensure each issue has a current remediation or mitigation plan and manage the timeline of remediation efforts.
  • Challenge unsupported “can’t fix” or “won’t fix” responses. Push for practical remediation paths when blockers exist.
  • Recommend compensating controls where full remediation is delayed.
  • Support formal exception and risk acceptance decisions.
  • Escalate stalled remediation and SLA risk to leadership.
What we offer
What we offer
  • Comprehensive medical coverage, with dental, vision and life insurance
  • Competitive 401(k) plan with employer matching
  • Unlimited flexible time off (FTO)
  • World-class training that keeps you at the forefront of innovation
  • Fulltime
Read More
Arrow Right

Cyber Defence Lead - Vulnerability & Disclosure Services

We are seeking an experienced cyber security professional to lead the Vulnerabil...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced cyber security professional with deep expertise in vulnerability management and remediation
  • Background in managing large‑scale scanning and reporting programmes
  • Hands‑on proficiency with vulnerability management tools, specifically Qualys
  • Strong understanding of networking fundamentals and core security concepts
  • Knowledgeable in industry cyber security standards, governance frameworks, and policy structures
  • Skilled in leading distributed teams and fostering high-performance cultures
  • Capable of influencing senior stakeholders and guiding change across complex environments
  • Strong analytical capability to translate technical risk into business-focused insights
  • Excellent written, verbal, and executive communication skills
Job Responsibility
Job Responsibility
  • Lead the Vulnerability Management and Responsible Disclosure services, ensuring alignment with Vodafone’s global policies and cyber strategy
  • Manage the full lifecycle of the Responsible Disclosure programme, including triage, validation, prioritisation, communication, and closure
  • Oversee vulnerability triage and prioritisation by applying strong risk‑based decision‑making and effective coordination with remediation teams
  • Drive improvements in automation, tooling effectiveness, and workflow optimisation to elevate efficiency and reduce manual workloads
  • Define, streamline, and own vulnerability management KPIs and reporting to offer transparent insights for leadership and stakeholders
  • Serve as a primary contact point for internal and external cyber security audits related to vulnerability management and disclosure processes
  • Lead cross-functional initiatives within Cyber Defence to enhance governance, delivery excellence, and operational maturity
  • Build, guide, and nurture a high-performing team through inclusive leadership, talent development, structured hiring, and succession planning
  • Promote strong engagement, continuous learning, and year‑on‑year improvements in team capability, efficiency, and retention
  • Fulltime
Read More
Arrow Right

Vulnerability and Exposure Response Manager

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location
Location
United Kingdom , Newbury
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in vulnerability investigation, incident response or threat-based testing
  • Practical experience of red teaming or purple teaming, including planning, scoping and translating findings into operational change
  • Strong investigative judgement and knowledge of attacker techniques across infrastructure, cloud and web applications
  • Ability to coordinate matrix teams and influence technical and business stakeholders globally
  • Clear communicator able to present technical findings as concise, risk-based recommendations
Job Responsibility
Job Responsibility
  • Lead high-impact investigations and remediation for critical vulnerabilities
  • Plan and govern red-team and purple-team exercises that materially reduce Vodafone’s external exposure
What we offer
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
Read More
Arrow Right

Network and Cybersecurity Service Delivery Lead

We are currently seeking a Network and Cybersecurity Service Delivery Lead to jo...
Location
Location
United States , Rockville
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's degree, or One-and-one-half (1.5) years of additional experience can substitute for one (1) year of a typical degree program
  • Minimum 10 years of experience in enterprise network engineering and operations
  • Minimum 10 years of experience in cybersecurity engineering or security operations
  • Minimum 5 years of experience leading a team of engineers to design and implement enterprise network architectures for 3,000+ users and multi-site WANs
  • Minimum 5 years of experience with at least two enterprise networking technologies such as Cisco (Catalyst, Nexus, ACI, SD-Access), Juniper Junos, or equivalent platforms
  • Minimum 5 years of experience with Layer 2 - 3 networking and at least 3 years with layer 4 - 7 technologies, including routing protocols (BGP, OSPF, EIGRP), VLANs, spanning tree, QoS, and load balancing
  • Minimum 3 years of experience implementing and managing network security technologies, including firewalls, VPNs, NAC, IDS/IPS, and secure segmentation strategies
  • Minimum 5 years supporting cloud and hybrid cloud networking architectures in AWS or Azure
  • Minimum 3 years of experience working in regulated federal environments with document exposure to security frameworks such as NIST 800-53, RMF, FISMA, or FedRAMP
  • Must be a US citizen who has the ability to obtain a Public Trust Security Clearance
Job Responsibility
Job Responsibility
  • Lead the architecture, design, and engineering of enterprise network infrastructure, including routing, switching, inter-site connectivity, and secure external integrations
  • Develop and maintain network roadmaps aligned with evolving business, scientific, security, and regulatory requirements
  • Evaluate, test, and implement emerging networking technologies to maintain a modern, scalable, and resilient infrastructure
  • Provide expert-level technical guidance on network design supporting data centers, HPC environments, enterprise hosting platforms, and hybrid cloud integrations
  • Oversee day-to-day network operations, including configuration management, patching, upgrades, hardware lifecycle management, and incident troubleshooting
  • Ensure timely detection, escalation, and resolution of network incidents, including after-hours support when required
  • Monitor network performance and availability
  • perform root cause analysis and trend forecasting to improve reliability and service delivery
  • Ensure adherence to change management and configuration management standards, maintaining accurate and current technical documentation
  • Collaborate with cybersecurity teams to implement secure network configurations, segmentation, access control, and monitoring capabilities
  • Fulltime
Read More
Arrow Right