PART 1: The Cleaned Job Description
Vulnerability Management Lead — Cloud Security (Azure & GCP)
About the Role
We are seeking a seasoned Vulnerability Management Lead to own and drive the end-to-end vulnerability management and remediation program across multi-cloud environments. With a primary focus on Microsoft Azure and working exposure to Google Cloud Platform (GCP), you will lead a high-performing team, define strategy, and ensure proactive identification, prioritization, and resolution of security vulnerabilities at enterprise scale.
Key Responsibilities
Program Leadership
- Lead the Vulnerability Management function across cloud and hybrid environments
- Define strategy, roadmap, and operating model for the VM program
- Mentor, guide, and manage the vulnerability management team
- Act as the primary escalation point for critical and high-severity vulnerabilities
- Drive automation initiatives and maintain reporting dashboards for visibility
Vulnerability Lifecycle Management
- Perform end-to-end vulnerability scanning, assessment, prioritization, and remediation
- Manage the full vulnerability lifecycle: Discovery → Assessment → Remediation → Reporting
- Ensure vulnerability closure within defined SLAs
- Collaborate with stakeholders on remediation governance and tracking
Cloud Security Focus
| Platform | Exposure | Key Tools & Areas |
|---|---|---|
| Microsoft Azure | ~70% | Microsoft Defender for Cloud, Azure Security Center, Azure Policy, Azure Resource Graph, CSPM |
| Google Cloud Platform | ~30% | Security Command Center, Cloud Asset Inventory, IAM, misconfiguration visibility |
- Identify, prioritize, and remediate cloud misconfigurations and vulnerabilities across both platforms
- Drive cloud security posture management (CSPM) initiatives
Requirements
Technical Skills
- Strong hands-on experience in Vulnerability Management & Remediation as primary career focus
- Proficiency with industry-standard tools: Qualys, Tenable (Nessus), Rapid7, and cloud-native security tooling
- Solid knowledge across network, OS, endpoint, application, and cloud security domains
- Basic understanding of DevSecOps principles and practices
Experience & Qualifications
- 10–12+ years of overall experience in Cybersecurity, Infrastructure Security, Cloud Security, or Vulnerability Management
- Majority of experience must be in Vulnerability Management, Vulnerability Assessment, Remediation Governance, and Security Operations
- Strong Microsoft Azure hands-on exposure (~70%) with working GCP knowledge (~30%)
- Proven leadership in managing VM programs, remediation tracking, stakeholder governance, and technical teams
Key Competencies
- Strong problem-solving and remediation-first mindset
- Excellent communication and senior stakeholder management
- Ownership-driven leadership with cross-functional accountability
Success KPIs
- Measurable reduction in high and critical open vulnerabilities
- Improvement in remediation SLA adherence
- Team productivity and high-quality delivery metrics