manager, vulnerability management 4959856
8 Ιουλ 2026 · Pfizer Hellas
Περιγραφή Θέσης
The Manager, Vulnerability Management is responsible for leading the execution of vulnerability management activities to identify, assess, prioritize, and reduce security weaknesses across the enterprise. This role oversees day‑to‑day vulnerability management operations, including scanning, analysis, prioritization, and remediation coordination. The role partners closely with engineering, infrastructure, cloud services, application, and security teams to ensure vulnerabilities are addressed in a timely, risk‑based, and compliant manner to reduce overall cyber exposure.
ROLE RESPONSIBILITIES
Lead the day‑to‑day execution of the vulnerability management program, ensuring consistent identification, assessment, and prioritization of vulnerabilities across enterprise environments.
Partner with a team of vulnerability management analysts, providing technical guidance.
Oversee vulnerability scanning activities across infrastructure, endpoints, cloud platforms, and applications, ensuring coverage and data quality.
Translate vulnerability findings into clear, actionable remediation guidance for technical owners, aligned to risk, exploitability, and business impact.
Coordinate remediation efforts with Infrastructure, Cloud Services, Engineering, Endpoint Security, and other technology teams to drive timely risk reduction.
Partner with Threat Intelligence, Threat Remediation, and Incident Response teams to incorporate threat context and active exploitation signals into prioritization decisions.
Track remediation progress, validate closure, and identify recurring issues or systemic control gaps requiring escalation or broader corrective action.
Ensure vulnerability management activities align with internal policies, regulatory requirements, and audit expectations.
Maintain reporting and metrics on vulnerability trends, remediation performance, and risk posture for Cyber Defense leadership.
Drive continuous improvement of vulnerability management processes, tooling, and workflows to increase efficiency, accuracy, and impact.
BASIC QUALIFICATIONS
Bachelor’s degree in Information Security, Computer Science, Engineering, Information Technology, or a related field, or equivalent practical experience.
4+ years of experience in cybersecurity, with a strong focus on vulnerability management, security operations, or exposure management.
Demonstrated responsibility for executing or overseeing vulnerability scanning, assessment, prioritization, and remediation tracking across infrastructure, endpoints, cloud platforms, or applications.
Experience translating vulnerability findings into risk‑based remediation guidance for infrastructure, cloud, application, or platform engineering teams.
Prior responsibility for coordinating remediation activities, including tracking ownership, validating fixes, managing exceptions, and escalating blocked or overdue items.
Familiarity with vulnerability severity, exploitability concepts, and compensating controls used to manage risk when immediate remediation is not feasible.
Experience leading analysts or serving as a technical lead responsible for task prioritization, quality assurance, and day‑to‑day delivery.
Strong analytical, organizational, and problem‑solving skills.
Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.
PREFERRED QUALIFICATIONS
Familiarity with vulnerability management in cloud or hybrid enterprise environments.
Understanding of integrating threat context, exploitability, or attack paths into vulnerability prioritization.
Exposure to operating in regulated or highly controlled environments such as healthcare, life sciences, or manufacturing.
Experience supporting audit, compliance, or regulatory activities related to vulnerability management.
Ability to identify trends and drive process or control improvements over time.
Relevant professional certifications in cybersecurity or vulnerability management (e.g., CISSP, CISM, Security+, etc.)



