26 days ago

Manager, Vulnerability and Data Security

RemoteHunter

Hybrid
Full Time
$208,900

Job Overview

Job Title: Manager, Vulnerability and Data Security
Job Type: Full Time
Offered Salary: $208,900
Location: Hybrid

Job Description

About Our Client

The organization operates in the information security space, focusing on safeguarding critical data across cloud-based systems and services with no physical data center footprint. It addresses the challenge of managing vulnerabilities and data security in a fully cloud-native environment, emphasizing risk reduction across cloud, endpoints, and applications. The company’s approach includes building controls and monitoring to ensure end-to-end protection of sensitive data, supporting a Flexible First work model that accommodates remote work across the United States.

About the Opportunity

The Manager, Vulnerability & Data Security leads the vulnerability management program and establishes a data security framework to reduce risk and protect critical data across the organization’s cloud-based systems. This role drives measurable improvements in security by integrating vulnerability findings into engineering processes, enforcing data classification and access controls, and ensuring compliance with data protection regulations. The position plays a key role in coordinating cross-functional teams and delivering actionable metrics and reporting to leadership, directly influencing the company’s security posture and regulatory readiness.

Responsibilities

  • Lead vulnerability management strategy, including asset coverage, scanning cadence, prioritization, and risk reduction using Tenable and Snyk.
  • Integrate vulnerability findings into engineering backlogs with clear SLAs and collaborate with SRE, platform, and application teams on remediation.
  • Establish risk-based prioritization criteria and publish dashboards for leadership transparency.
  • Enhance patching and configuration baselines with preventative controls and secure-by-default guardrails.
  • Coordinate vulnerability disclosure, penetration test intake, and threat-driven campaigns.
  • Report program status, trends, and exceptions to security leadership and auditors.
  • Define data ownership and stewardship for critical datasets with clear roles and responsibilities.
  • Develop and enforce data classification, access, and usage policies supporting least privilege and segregation of duties.
  • Deploy and operationalize Sentra (DSPM) and Google DLP tools to monitor data exposure and access risks, driving timely remediation.
  • Build data lifecycle controls and technical guardrails embedded in platforms and workflows.
  • Ensure compliance with data protection regulations such as PCI and SOX, collaborating on control design, testing, and evidence collection.
  • Partner with Security, Legal, Privacy, and Data teams to protect data and enable safe analytics and product use cases.
  • Develop and report on metrics related to data loss prevention incidents, misconfigurations, and policy violations.

Requirements

  • 7 to 10+ years in information security with at least 3 years leading programs or teams; experience in regulated or fintech environments preferred.
  • Hands-on experience managing vulnerabilities at scale using Tenable and Snyk across cloud-native environments, containers, endpoints, and CI/CD pipelines.
  • Experience developing and maturing data security programs with Sentra (DSPM) and Google DLP, including policy design and enforcement.
  • Ability to manage partnerships across engineering, data, and compliance teams, translating risk into actionable and measurable plans.
  • Knowledge of PCI and SOX compliance requirements and familiarity with SDLC, DevSecOps, and cloud security architectures (AWS/GCP/Azure).
  • Comfortable with IAM/IGA, SIEM, CNAPP, and integrating ticketing and workflow systems; strong understanding of data governance principles.
  • Strong communication and reporting skills, capable of delivering clear narratives and executive-level metrics.
  • Certifications such as CISSP or CISM are advantageous.

Pay Range and Compensation Package

  • National: $167,100 - $208,900
  • Premium: $179,800 - $224,700
  • Premium Plus: $195,400 - $244,400
  • Annual bonuses awarded based on individual and company performance.

Benefits & Perks

  • Multiple health insurance options
  • Flexible time off policy
  • Retirement savings plan with company and after-tax contributions
  • Equity in a publicly traded company and Employee Stock Purchase Program
  • Family-forming benefits, fertility support, and up to 20 weeks of parental leave
  • Access to free therapy sessions, financial and professional coaching, and legal advice

Equal Opportunity Statement

Our client is an equal opportunity employer. They celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, or national origin.

Note: RemoteHunter is not the Employer of Record (EOR) for this role. Our purpose in this opportunity is to connect exceptional candidates with leading employers. We help job seekers worldwide discover roles that match their goals and guide them to complete their full application directly through the hiring company’s career page or ATS.

Key skills/competency

  • Vulnerability Management
  • Data Security
  • Cloud Security
  • Risk Management
  • Tenable
  • Snyk
  • Sentra (DSPM)
  • Google DLP
  • PCI Compliance
  • SOX Compliance

Tags:

Manager
Vulnerability Management
Data Security
Information Security
Cloud Security
Risk Management
Tenable
Snyk
Sentra
Google DLP
PCI
SOX
DevSecOps
AWS
GCP
Azure
CISSP
CISM
Remote

How to Get Hired at RemoteHunter

  • Tailor your resume: Highlight experience with Tenable, Snyk, Sentra, and Google DLP, and showcase leadership in information security programs.
  • Craft a compelling cover letter: Emphasize your ability to manage cross-functional teams and translate technical risk into business impact for cloud-native environments.
  • Prepare for technical interviews: Be ready to discuss vulnerability management strategies, data classification policies, and compliance with regulations like PCI and SOX.
  • Showcase leadership skills: Demonstrate your experience in program management, strategic planning, and reporting executive-level metrics.
  • Understand the company culture: Research their focus on cloud-native security and their Flexible First work model to align your application.
