What You'll Do:

• Security Platform Engineering & Maintenance: Oversee the health, performance, and integration of cybersecurity platforms to ensure they reliably protect the organization. Perform advanced troubleshooting and root-cause analysis on complex platform issues. Continuously monitor system outputs and alerts, tune configurations for improvement, and coordinate with vendors' support engineering teams to resolve product bugs or service interruptions. The goal is a stable, resilient security toolset with minimal downtime or gaps
• Design & Integrate New Security Capabilities: Identify capability gaps and evaluate potential technologies or innovative approaches to fill them. Recommend and champion the adoption of new security services, tools, or architectural modifications that improve cybersecurity posture. For each approved initiative, own planning and execution: design the integration approach, coordinate testing and deployment, and ensure new capabilities are smoothly incorporated into the environment without disrupting operations. Continuously advance capabilities so the organization keeps pace with evolving threats and moves our security environment forward in maturity
• Vulnerability Management Program Support: Interface with business owners throughout the entire vulnerability management process — continuous identification, contextualization, assessment, and reporting of vulnerabilities across the enterprise. Conduct regular scans and assessments, analyze results to prioritize risk exposures based on severity, threat intelligence, and business impact, and drive remediation efforts to closure. Maintain oversight through metrics, dashboards, and reports highlighting trends, progress, and risk reduction. Keep the program adaptive by staying current on emerging threats and zero-day vulnerabilities
• Vendor Coordination & Stakeholder Engagement: Act as a technical liaison between the organization and security technology vendors — addressing complex issues, planning upgrades, and evaluating enhancements to ensure our tools evolve with organizational needs. Internally, collaborate with IT operations and business stakeholders to plan changes or integrations that impact security systems. Where systemic or recurring problems are identified, lead the effort toward long-term solutions (e.g., working with a vendor on a patch or with internal teams on an architectural change)

What You'll Do (Continued):

• Remediation Coordination: Partner with technology and business teams to ensure vulnerabilities are addressed at their root in a timely, sustainable manner. Translate scan findings into clear, actionable remediation plans for system owners and developers. Bring together cross-functional groups — server admins, network engineers, application developers, cloud engineers — to jointly devise mitigation strategies for complex or pervasive issues. Emphasize systemic improvements such as configuration changes or process updates that reduce recurrence, and verify that applied fixes effectively mitigate identified vulnerabilities
• Automation & Process Improvement: Drive efficiency by automating repetitive security tasks and streamlining processes. Develop or implement scripts and workflows to automate aspects of vulnerability scanning, data analysis, and reporting. Integrate security tools with each other and with IT service management systems or CI/CD pipelines for more orchestrated, automatic data flows and remediation actions. By driving automation, free the team to focus on higher-level analysis while strengthening the consistency and speed of security response
• Security Metrics & Continuous Improvement: Track key metrics that inform the effectiveness of security operations — such as mean time to respond, tool coverage, remediation SLAs, compliance percentages, and platform performance indicators. Prepare and present summary reports tailored to various audiences (detailed technical readouts for the team, high-level risk summaries for management). Use metrics and analysis to identify trends and areas for improvement. Take a continuous improvement approach: after every major project or incident, evaluate lessons learned and update processes, playbooks, or configurations accordingly
• Mentorship & Knowledge Sharing: Informally mentor and guide cybersecurity analysts and engineers by reviewing their findings, advising on troubleshooting approaches, and sharing best practices. Help upskill team members by explaining complex security concepts in understandable terms and training them on the proper use of security tools and procedures. Encourage a culture of curiosity and continuous learning
• Provide 24/7 operational support through participation in a rotating on call schedule, including response during major incidents and service outages

What You'll Bring:

• Education: Bachelor’s degree in Computer Science/Cybersecurity/Information Security (or related), or equivalent practical experience
• Experience: 6+ years significant cybersecurity experience, with substantial depth in security engineering, operations, and vulnerability management in complex environments. A proven track record of managing or heavily contributing to vulnerability assessment and remediation processes at scale is expected. Hands-on experience operating and optimizing security platforms and demonstrated involvement in cross-functional security initiatives
• Technical Skillset: Deep understanding of cybersecurity domains, particularly operating security technologies and conducting vulnerability management. Well-versed in vulnerability assessment techniques (network, system, and application scanning) and fluent in interpreting scan results to distinguish true risks. Strong working knowledge of enterprise IT infrastructure (operating systems, networks, cloud services, databases) and how security controls apply within each. Experience with automation or scripting (e.g., Python, PowerShell) to automate tasks or integrate systems is highly desirable
• Analytical & Problem-Solving Skills: Exceptional ability to diagnose complex problems and then identifying practical solutions. Meticulous attention to detail combined with a big-picture perspective, connecting the dots between findings to spot systemic issues. Ability to remain calm and methodical under pressure, applying structured troubleshooting
• Communication & Collaboration: Excellent written and verbal communication skills. Ability to translate technical security issues into clear, actionable information for diverse audiences. Strong interpersonal skills and a collaborative approach for working closely with IT operations, developers, compliance, incident response, and other internal partners

Preferred Qualifications: 

• A master's degree is an asset but not mandatory; the key is a strong foundational knowledge of computing and security principles
• Experience with cybersecurity platforms and technologies (SIEM, SOAR, EDR, Vulnerability Scanners, Cloud security posture management, Cyber asset management, etc)
• Familiarity with IT Infrastructure components and protocols (Domain Controllers, Certificate Authorities, DNS, IPv4/6, containers, AWS, Azure, etc)
• Professional Certifications: Industry-recognized credentials such as CISSP, CISM, CISA, OSCP, CEH, or GIAC certifications (e.g., GPEN, GCIH) that demonstrate validated knowledge across key cybersecurity domains
• Automation & Development Skills: Advanced scripting, programming, or integration capabilities — for instance, developing automation for security tasks using APIs of security tools, or integrating security checks into CI/CD pipelines. Experience with DevSecOps practices (infrastructure as code, automated compliance checking)
• AI Concentration: Familiarity with and building custom AI models, harnesses, development practices, “vibe coding”, etc, to solve complex problems