Vulnerability & Cloud Security Program Manager
West Hartford, Hartford County, Connecticut, 06107, USA
Listed on 2026-07-09
-
IT/Tech
Cybersecurity
About the role
The Vulnerability & Cloud Security Program Manager leads the enterprise vulnerability management and cloud security posture management (CSPM) programs, ensuring timely identification, assessment, prioritization, and remediation of risks across on-premise, cloud, and application environments. This role leverages modern cloud security and vulnerability management platforms to monitor, analyze, and strengthen our security posture. The role collaborates closely with engineering, Dev Ops, and infrastructure teams to reduce risk exposure, support compliance obligations, and advance the organization’s overall security maturity.
LocationWe are flexible on remote working from home. Candidates must be located in the US and reside in one of the following states: CA, CO, CT, FL, GA, IL, KS, ME, MA, MD, NJ, NC, NY, OR, TN, TX, VA, WA. We have physical offices in Austin, TX and Tampa, FL for those who prefer a hybrid option.
What You’ll Be Doing- Lead and operate the full vulnerability management and CSPM lifecycle, ensuring timely discovery, assessment, prioritization, and remediation.
- Administer and optimize our vulnerability management and CSPM platforms, including policies, integrations, reporting, and automation.
- Monitor cloud and infrastructure environments to identify misconfigurations, excessive permissions, and compliance drift, primarily in AWS.
- Partner with engineering and Dev Ops teams to drive remediation efforts, facilitate triage discussions, and provide technical guidance on complex issues.
- Align security practices with frameworks such as FedRAMP, NIST CSF, ISO 27001, and CIS Controls.
- Track and report key KPIs and risk metrics to leadership, including SLA compliance and vulnerability trends.
- Automate detection, remediation workflows, and tool integrations to enhance efficiency and expand security capabilities.
- Other duties as needed.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
- 5+ years of experience in vulnerability management and at least 2+ years in cloud security.
- Hands‑on experience with CSPM tools, vulnerability detection platforms, and automation (Wiz, AWS Inspector, Nessus, OpenSCAP preferred).
- Strong understanding of AWS security best practices and cloud‑native architectures.
- Familiarity with vulnerability scoring systems like CVSS and risk‑based prioritization.
- Excellent communication, collaboration, and stakeholder management skills.
- Security certifications such as CISSP, AWS Security Specialty, or GIAC Cloud Security are a plus.
- Preferred knowledge of regulatory and compliance frameworks such as PCI DSS, HIPAA, SOX, FedRAMP.
This position is NOT eligible for Visa sponsorship. Due to federal government security requirements associated with our FedRAMP-authorized environment, candidates must be U.S. citizens or lawful permanent residents.
Due to operational policies, Ninja One is unable to hire for this role within the city limits of Chicago. We will consider all qualified candidates who reside outside of the city proper or are willing to self‑relocate.
Salary and BenefitsStarting pay depends on various factors, including location, market demand, experience, job‑related knowledge, and skills. For roles based in California, Colorado, Maryland, New Jersey, or Washington the base salary hiring range is $180,000 to $220,000 per year. For roles based in New York the base salary range is also $180,000 to $220,000 per year. Benefits include medical, dental, vision insurance, 401(k) plan, life insurance coverage, and paid time off.
For applicable states, the benefits package also includes unlimited PTO and opportunities for growth and advancement.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).