×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Security Specialist Lead - Vulnerability Dispositioning

Job in Columbus, Franklin County, Ohio, 43201, USA
Listing for: American Electric Power
Full Time position
Listed on 2026-06-05
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below
** Job Posting End Date*
* 06-13-2026

Please note the job posting will close on the day before the posting end date.

** Job Summary*
* Responsible for large-scale security assignments providing direction to other team members. Responsible for gathering, investigating, and analyzing very complex security requirements, processes, and incidents. Leads analysis of security controls assessments (internal and third party) through application security testing, penetration testing or other means to ensure controls effectiveness. Leads the identification and documentation of potential mitigations /remediations and ensures report creation of findings with identified risk response.

Responsible for the conceptual design of implementation strategies on assigned security projects/activities. Leads advanced level implementation, support, and/or usage of technical solutions. Leads others in advanced problem solving, decision-making, and functional area knowledge. Mentors and provides functional/technical work direction to team.

** Job Description*
* ** What you'll do:*
* ** Essential Job Functions & Tasks*
* + Lead the Vulnerability Dispositioning sub-team (Pillar 3 of AEP's four-pillar Cybersecurity Vulnerability Management program), responsible for moving analyzed vulnerabilities through to documented remediation decisions in partnership with AEP business units.

+ Receive analyzed vulnerabilities from the Vulnerability Analysis sub-team and oversee the team's work building remediation action plans with affected business units, including patch, mitigate, configuration change, and formal exception paths.

+ Own end-to-end operation of AEP's vulnerability exception process, including intake, validation, risk ranking inputs, and routing of exceptions through the appropriate Director, VP, and SVP approval chains.

+ Own the File Integrity Assurance function within the Vulnerability Management program, ensuring the integrity of monitored files and systems is maintained, reviewed, and reported on as part of the team's overall risk posture.

+ Serve as the AEP point of contact for the on-premises Fortress vulnerability management platform - partnering directly with the Fortress vendor on platform health, configuration, and roadmap alignment with AEP's needs.

+ Perform quality control on Fortress platform releases, regression-test new versions before they reach the team, validate that the platform behaves as expected, and submit, track, and drive resolution of bug tickets and feature requests with the vendor.

+ Lead the continued rollout of the vulnerability automation initiative, including the Fortress platform's automated vulnerability ticketing capability - driving design, configuration, testing, business unit onboarding, and post-launch tuning.

+ Host twice-weekly Vulnerability Management office hours for remediation teams across AEP, fielding questions, clarifying process, and removing roadblocks that slow business unit response.

+ Provide technical leadership and day-to-day coordination for one junior AEP analyst and approximately three Fortress Information Security contractors supporting routine dispositioning processes.

+ Coach, mentor, and develop junior team members and contract personnel; establish processes, runbooks, and standards that allow analysts at varying skill levels to operate consistently and effectively.

+ Build and maintain strong, collaborative working relationships with business unit partners across IT, Operational Technology, and corporate functions; model a constructive, helpful posture rather than an adversarial enforcement stance and hold the team to the same standard.

+ Build and maintain strong working relationships with AEP's Operational Technology partners (generation, transmission, distribution) so that dispositioning activities are coordinated, respectful of operational realities, and supportive of safe operations.

+ Ensure clean, structured warm handoffs of dispositioned items from the Dispositioning sub-team to the Vulnerability Tracking sub-team (Pillar
4), including approved exceptions, action plans, and remediation commitments with full context.

+ Produce and oversee director, VP, and SVP-level exception reports, approval packets, and status summaries; own the templates and standards the team uses to communicate with executive audiences.

+ Maintain clear, current documentation of exception status, business unit commitments, and outstanding action items so leadership has accurate visibility at any point in the process.

+ Advise the Vulnerability Management Manager on platform effectiveness, vendor performance, dispositioning process improvements, and resource needs.

+ Communicate complex risk decisions clearly to peers, business partners, contractors, and leadership at all levels of the organization.

+ Maintain awareness of NERC CIP regulatory requirements as dispositioning activities interact with CIP-regulated assets and information.

+ Participate in a shared on-call rotation across the broader Vulnerability…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search