Vulnerability & Cloud Security Program Manager
United States | Full-time | $180k–$220k | Posted Jul 2, 2026

About the role

The Vulnerability & Cloud Security Program Manager leads the enterprise vulnerability management and cloud security posture management (CSPM) programs, ensuring timely identification, assessment, prioritization, and remediation of risks across on-premise, cloud, and application environments. This role leverages modern cloud security and vulnerability management platforms to monitor, analyze, and strengthen our security posture. You will collaborate closely with engineering, DevOps, and infrastructure teams to reduce risk exposure, support compliance obligations, and advance the organization’s overall security maturity.

Location - We are flexible on remote working from home if you are located in the USA and reside in one of the following states: CA, CO, CT, FL, GA, *IL, KS, ME, MA, MD, NJ, NC, NY, OR, TN, TX, VA, and WA. We have physical offices in Austin, TX and Tampa, FL if you prefer a hybrid option.

What You’ll Be Doing
- Lead and operate the full vulnerability management and CSPM lifecycle, ensuring timely discovery, assessment, prioritization, and remediation.
- Administer and optimize our vulnerability management and CSPM platforms, including policies, integrations, reporting, and automation.
- Monitor cloud and infrastructure environments to identify misconfigurations, excessive permissions, and compliance drift, primarily in AWS.
- Partner with engineering and DevOps teams to drive remediation efforts, facilitate triage discussions, and provide technical guidance on complex issues.
- Align security practices with frameworks such as FedRAMP, NIST CSF, ISO 27001, and CIS Controls.
- Track and report key KPIs and risk metrics to leadership, including SLA compliance and vulnerability trends.
- Automate detection, remediation workflows, and tool integrations to enhance efficiency and expand security capabilities.
- Other duties as needed.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
- 5+ years of experience in vulnerability management and 2+ years in cloud security.
- Hands-on experience with CSPM tools, vulnerability detection platforms, and automation (Wiz, AWS Inspector, Nessus, OpenSCAP preferred).
- Strong understanding of AWS security best practices and cloud-native architectures.
- Familiarity with vulnerability scoring systems like CVSS and risk-based prioritization.
- Excellent communication, collaboration, and stakeholder management skills.
- Security certifications such as CISSP, AWS Security Specialty, or GIAC Cloud Security are a plus.
- Knowledge of regulatory and compliance frameworks such as PCI DSS, HIPAA, SOX, and FedRAMP is preferred.