The Manager of Threat and Vulnerability Management will play a critical role in overseeing the identification, assessment, and mitigation of security vulnerabilities and threats within the corporate environment. This individual will lead a team of security professionals (4 resources currently, but could hire more in the future) responsible for proactive vulnerability assessments, risk analysis, and ensuring the timely remediation of identified vulnerabilities. Reporting to the Director of Cyber Security Operations, the Manager will work with cross-functional teams to develop and implement strategies and processes to enhance the utility's security posture, ensuring the protection of sensitive infrastructure, data, and operations from cyber threats. This person must be comfortable working onsite 3 days / week in Downtown, Houston.
This person will be responsible for:
- Leading and managing the vulnerability analysts
- Overseeing the enterprise's cyber vulnerability management program (including identification, classification, and prioritization of vulnerabilities across the organization)
- Performing risk assessments to identify vulnerabilities and developing effective remediation plans
- Supporting cyber incident response efforts by providing analysis and insights on vulnerabilities
- Collaborating with the SOC, IT teams, and other relevant departments during incident investigations
- Ensuring that the current threat and vulnerability management practices align with industry standards and prepare regular reports/dashboards on threat landscape and vulnerability posture and remediation progress
- Evaluating and improving existing tools, process, and workflows related to threat and vulnerability management
Based on knowledge and years of experience, this position offers a base salary of $120,000-$135,000.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
Bachelors degree in Computer Science, Information Security, or a related field.
5+ years of experience in cyber security
3+ years in a management or leadership role within a large enterprise or critical infrastructure environment
Proven experience in managing cyber vulnerability management programs, threat analysis, and incident response in a large enterprise or critical infrastructure environment
Strong understanding of security frameworks (NIST, ISO, etc.)
In-depth knowledge of risk management practices, vulnerability assessment tools, and threat intelligence platforms
Strong leadership and people management skills, with the ability to mentor and motivate a team
Proficiency with cyber vulnerability management tools (e.g., Rapid7) and SIEM platforms (e.g., Splunk)
Excellent communication skills, both written and verbal, with the ability to present complex information to non-technical stakeholders
Ability to manage multiple priorities in a fast-paced, high-pressure environment
Strong understanding of cyber security threats and vulnerabilities specific to electric and gas utilities, industrial control systems (ICS), and critical infrastructure
Relevant certifications (e.g., CISSP, CISM, CEH, GIAC) are highly preferred
Masters degree
Familiarity with operational technology (OT) security and challenges within the utility sector is a plus
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.