Vulnerability Management Lead
On-site · Toronto, Ontario, Canada
Job Summary
Vulnerability Management Lead responsible for steering enterprise-wide vulnerability management across Windows, Linux, networks, cloud platforms (AWS/Azure), containers, and certificate management. Own end-to-end vulnerability lifecycle, oversee scanning, risk prioritization, and remediation workflows across cloud and on-prem environments; develop metrics and reporting to measure program maturity and SLA adherence; act as the internal authority on vulnerability risk and communicate with technical and executive audiences; collaborate with global teams to ensure risks are tracked and resolved in line with risk appetite; lead root cause analyses after security events; support documentation, policy development, incident response, and continuous improvement of tooling and processes; coordinate security testing/validation across applications, infrastructure, and data environments; deliver SLA-aligned reporting to internal leadership and external stakeholders.
Required Qualifications
- Bachelor's degree in a relevant field
- 5+ years of progressive experience in information security, with a focus on vulnerability management or security operations
- Hands-on proficiency with enterprise vulnerability scanning platforms (e.g., Rapid7, Qualys, Tenable, Armis)
- Familiarity with SIEM tooling
- Experience with ticketing/workflow systems (e.g., ServiceNow Vulnerability Response)
- Experience with hybrid cloud security environments (AWS, Azure)
- Proven track record leading vulnerability management functions including full-cycle scanning operations, risk communication, and remediation tracking
- Strong data visualization and reporting skills (e.g., Wiz, Snowflake, Power BI)
- Proficiency with Excel and PowerPoint for stakeholder reporting
- Scripting experience in Python or PowerShell for automation
- Familiarity with security and compliance frameworks (NIST CSF or ISO 27001)
- Strong organizational and communication skills
- Ability to translate technical findings into business-relevant language
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.