• Operate & Maintain Security Platforms: Oversee day-to-day performance and upkeep of critical cybersecurity tools and platforms, ensuring high availability and effectiveness of security monitoring and defense systems
• Vulnerability Management: Lead the end-to-end vulnerability management lifecycle — schedule and conduct regular vulnerability scans and assessments, analyze results to identify and prioritize risk exposures, produce actionable reports, and work with internal teams to drive risk reduction
• Platform Troubleshooting: Investigate and resolve issues with security platforms and tools. Quickly diagnose technical problems to maintain optimal protection levels, escalating to vendors' support teams when necessary
• Vendor & Stakeholder Engagement: Serve as a liaison between security operations and both external vendors and internal teams. Coordinate with vendors for product support, updates, or feature enhancements, and engage with IT, development, and business stakeholders to ensure security tools align with organizational needs
• Remediation Coordination: Partner closely with remediation teams — including infrastructure, application owners, and IT operations — to translate vulnerability findings into clear remediation guidance. Track remediation progress and lead post-remediation validation to verify the effectiveness of implemented fixes
• Develop & Deploy New Capabilities: Contribute to the design, deployment, and maturation of new cybersecurity capabilities and process improvements. This includes evaluating emerging security solutions or features, planning upgrades or new tool implementations, and refining processes to advance overall security program maturity
• Reporting & Continuous Improvement: Prepare and present concise reports or dashboards on vulnerability trends, platform health, and risk metrics to management and relevant stakeholders. Stay current with the latest threats and cybersecurity best practices to inform security policy and process enhancements
• Provide 24/7 operational support through participation in a rotating on call schedule, including response during major incidents and service outages

• Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related field. An equivalent combination of education and substantial hands-on cybersecurity experience will be considered
• Experience: 5+ years of progressive experience in cybersecurity, IT security operations, or a closely related discipline, with demonstrated depth in vulnerability management and security platform administration. Experience collaborating with cross-functional teams to validate, remediate, or mitigate identified vulnerabilities is essential. Familiarity with patch management processes is expected
• Technical Skillset: Strong understanding of core cybersecurity principles and practices. Solid experience with vulnerability assessment methodologies, risk prioritization frameworks (e.g., CVSS scoring), and interpreting scan results. Ability to troubleshoot complex technical issues across diverse operating systems and network environments.
• Analytical & Problem-Solving Skills: Proven ability to analyze security vulnerabilities, determine root causes, and drive effective solutions. Meticulous attention to detail with the capacity to handle and prioritize multiple issues simultaneously in a fast-paced environment
• Communication & Collaboration: Excellent written and verbal communication skills. Capable of translating technical findings into clear, actionable language for audiences ranging from technical peers to senior leadership. Strong interpersonal skills with demonstrated experience collaborating across diverse teams and organizational levels.
• Vendor Management: Experience working with third-party vendors or support teams to resolve product issues, coordinate improvements, and manage ongoing vendor relationships. Comfortable interfacing with both technical and non-technical stakeholders to advocate for security priorities

Preferred Qualifications:

• Professional Certifications: Recognized industry certifications such as CISSP, CISM, CISA, GIAC (e.g., GSEC, GCIA), CompTIA Security+, CEH, or similar credentials that demonstrate a commitment to ongoing professional development
• Compliance & Frameworks: Familiarity with industry standards and compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS) and their application to vulnerability management and platform security
• Scripting & Automation: Knowledge of scripting languages (e.g., Python, PowerShell) for automating routine cybersecurity tasks such as log analysis, alert triaging, or system health checks
• Advanced Experience: Prior involvement in designing or enhancing security processes and toolsets in an enterprise environment. Experience integrating security controls within CI/CD pipelines or contributing to DevSecOps practices is an asset
• Leadership: Previous experience mentoring junior analysts, leading projects, or guiding cross-functional teams reflects the ownership and initiative expected at this level
• Adaptability: Demonstrated eagerness to stay current with evolving cybersecurity threats, tools, and best practices through self-directed learning, professional development courses, and industry conferences