[Remote] Vulnerability & Cloud Security Program Manager
Note: This is a remote position open to candidates in the USA. NinjaOne is a company that automates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 40,000 customers. They are seeking a Vulnerability & Cloud Security Program Manager to lead the enterprise vulnerability management and cloud security posture management (CSPM) programs, ensuring timely identification and remediation of risks across various environments.
Responsibilities
- Lead and operate the full vulnerability management and CSPM lifecycle, ensuring timely discovery, assessment, prioritization, and remediation
- Administer and optimize our vulnerability management and CSPM platforms, including policies, integrations, reporting, and automation
- Monitor cloud and infrastructure environments to identify misconfigurations, excessive permissions, and compliance drift, primarily in AWS
- Partner with engineering and DevOps teams to drive remediation efforts, facilitate triage discussions, and provide technical guidance on complex issues
- Align security practices with frameworks such as FedRAMP, NIST CSF, ISO 27001, and CIS Controls
- Track and report key KPIs and risk metrics to leadership, including SLA compliance and vulnerability trends
- Automate detection, remediation workflows, and tool integrations to enhance efficiency and expand security capabilities
- Other duties as needed
Skills
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience
- 5+ years of experience in vulnerability management and 2+ years in cloud security
- Strong understanding of AWS security best practices and cloud-native architectures
- Familiarity with vulnerability scoring systems like CVSS and risk-based prioritization
- Excellent communication, collaboration, and stakeholder management skills
- Hands-on experience with CSPM tools, vulnerability detection platforms, and automation (Wiz, AWS Inspector, Nessus, OpenSCAP preferred)
- Security certifications such as CISSP, AWS Security Specialty, or GIAC Cloud Security are a plus
- Preferred knowledge of regulatory and compliance frameworks such as PCI DSS, HIPAA, SOX, FedRAMP
Benefits
- Comprehensive benefits package, which includes medical, dental, and vision insurance
- 401(k) plan
- Unlimited PTO
- Life insurance coverage and PTO
- Free and unlimited onboarding, training, and support
- Hybrid remote
- Opportunity for growth and advancement
Company Overview