Manager, Vulnerability & Data Security

RemoteHunter · United States

  • Hybrid
  • Full-time
  • $208,900 / year
  • United States

Job highlights

  • Lead vulnerability management and data security programs.
  • Protect critical data in cloud-native environments.
  • Integrate security findings into engineering processes.
  • Ensure compliance with data protection regulations.
  • Report security metrics to leadership.

About the role

About Our Client

The organization operates in the information security space, focusing on safeguarding critical data across cloud-based systems and services with no physical data center footprint. It addresses the challenge of managing vulnerabilities and data security in a fully cloud-native environment, emphasizing risk reduction across cloud, endpoints, and applications. The company’s approach includes building controls and monitoring to ensure end-to-end protection of sensitive data, supporting a Flexible First work model that accommodates remote work across the United States.

About the Opportunity

The Manager, Vulnerability & Data Security leads the vulnerability management program and establishes a data security framework to reduce risk and protect critical data across the organization’s cloud-based systems. This role drives measurable improvements in security by integrating vulnerability findings into engineering processes, enforcing data classification and access controls, and ensuring compliance with data protection regulations. The position plays a key role in coordinating cross-functional teams and delivering actionable metrics and reporting to leadership, directly influencing the company’s security posture and regulatory readiness.

Responsibilities

  • Lead vulnerability management strategy, including asset coverage, scanning cadence, prioritization, and risk reduction using Tenable and Snyk.
  • Integrate vulnerability findings into engineering backlogs with clear SLAs and collaborate with SRE, platform, and application teams on remediation.
  • Establish risk-based prioritization criteria and publish dashboards for leadership transparency.
  • Enhance patching and configuration baselines with preventative controls and secure-by-default guardrails.
  • Coordinate vulnerability disclosure, penetration test intake, and threat-driven campaigns.
  • Report program status, trends, and exceptions to security leadership and auditors.
  • Define data ownership and stewardship for critical datasets with clear roles and responsibilities.
  • Develop and enforce data classification, access, and usage policies supporting least privilege and segregation of duties.
  • Deploy and operationalize Sentra (DSPM) and Google DLP tools to monitor data exposure and access risks, driving timely remediation.
  • Build data lifecycle controls and technical guardrails embedded in platforms and workflows.
  • Ensure compliance with data protection regulations such as PCI and SOX, collaborating on control design, testing, and evidence collection.
  • Partner with Security, Legal, Privacy, and Data teams to protect data and enable safe analytics and product use cases.
  • Develop and report on metrics related to data loss prevention incidents, misconfigurations, and policy violations.

Requirements

  • 7 to 10+ years in information security with at least 3 years leading programs or teams; experience in regulated or fintech environments preferred.
  • Hands-on experience managing vulnerabilities at scale using Tenable and Snyk across cloud-native environments, containers, endpoints, and CI/CD pipelines.
  • Experience developing and maturing data security programs with Sentra (DSPM) and Google DLP, including policy design and enforcement.
  • Ability to manage partnerships across engineering, data, and compliance teams, translating risk into actionable and measurable plans.
  • Knowledge of PCI and SOX compliance requirements and familiarity with SDLC, DevSecOps, and cloud security architectures (AWS/GCP/Azure).
  • Comfortable with IAM/IGA, SIEM, CNAPP, and integrating ticketing and workflow systems; strong understanding of data governance principles.
  • Strong communication and reporting skills, capable of delivering clear narratives and executive-level metrics.
  • Certifications such as CISSP or CISM are advantageous.

Pay Range and Compensation Package

  • National: $167,100 - $208,900
  • Premium: $179,800 - $224,700
  • Premium Plus: $195,400 - $244,400
  • Annual bonuses awarded based on individual and company performance.

Benefits & Perks

  • Multiple health insurance options
  • Flexible time off policy
  • Retirement savings plan with company and after-tax contributions
  • Equity in a publicly traded company and Employee Stock Purchase Program
  • Family-forming benefits, fertility support, and up to 20 weeks of parental leave
  • Access to free therapy sessions, financial and professional coaching, and legal advice

Equal Opportunity Statement

Our client is an equal opportunity employer. They celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, or national origin.

Note: RemoteHunter is not the Employer of Record (EOR) for this role. Our purpose in this opportunity is to connect exceptional candidates with leading employers. We help job seekers worldwide discover roles that match their goals and guide them to complete their full application directly through the hiring company’s career page or ATS.

Key skills/competency

  • Vulnerability Management
  • Data Security
  • Cloud Security
  • Risk Management
  • Tenable
  • Snyk
  • Sentra (DSPM)
  • Google DLP
  • PCI Compliance
  • SOX Compliance

Skills & topics

  • Manager
  • Vulnerability Management
  • Data Security
  • Information Security
  • Cloud Security
  • Risk Management
  • Tenable
  • Snyk
  • Sentra
  • Google DLP
  • PCI
  • SOX
  • DevSecOps
  • AWS
  • GCP
  • Azure
  • CISSP
  • CISM
  • Remote

How to get hired

  • Tailor your resume: Highlight experience with Tenable, Snyk, Sentra, and Google DLP, and showcase leadership in information security programs.
  • Craft a compelling cover letter: Emphasize your ability to manage cross-functional teams and translate technical risk into business impact for cloud-native environments.
  • Prepare for technical interviews: Be ready to discuss vulnerability management strategies, data classification policies, and compliance with regulations like PCI and SOX.
  • Showcase leadership skills: Demonstrate your experience in program management, strategic planning, and reporting executive-level metrics.
  • Understand the company culture: Research their focus on cloud-native security and their Flexible First work model to align your application.

Technical preparation

  • Master Tenable and Snyk for vulnerability scanning.
  • Implement data classification and access controls.
  • Familiarize yourself with Sentra and Google DLP tools.
  • Understand cloud security architectures (AWS/GCP/Azure).

Behavioral questions

  • Describe leading a security program team.
  • How do you integrate security into engineering?
  • Explain risk prioritization and communication.
  • How have you ensured regulatory compliance?

Frequently asked questions

What is the primary focus of the Manager, Vulnerability & Data Security role at RemoteHunter?
The Manager, Vulnerability & Data Security role is focused on leading the company's vulnerability management program and establishing a robust data security framework to protect critical data within cloud-based systems. This involves reducing risk, ensuring compliance, and integrating security findings into engineering workflows.

What specific tools are essential for this Manager, Vulnerability & Data Security position?
Hands-on experience with vulnerability management tools like Tenable and Snyk is crucial. Additionally, experience with data security platforms such as Sentra (DSPM) and Google DLP is required for monitoring data exposure and access risks.

Does this Manager, Vulnerability & Data Security role require specific industry experience?
While not strictly mandatory, experience in regulated or fintech environments is preferred for this role. Familiarity with compliance requirements like PCI and SOX is also highly beneficial.

What are the key compliance responsibilities for the Manager, Vulnerability & Data Security?
The role involves ensuring compliance with data protection regulations such as PCI and SOX. This includes collaborating on control design, testing, evidence collection, and partnering with Legal, Privacy, and Data teams.

What level of experience is expected for the Manager, Vulnerability & Data Security role?
Candidates should have 7 to 10+ years of experience in information security, with at least 3 years specifically in leading programs or teams. This indicates a need for significant expertise and demonstrated leadership.

Is this a remote position, and if so, where can candidates be located?
Yes, this is a remote position that supports a 'Flexible First' work model. Candidates can be located anywhere across the United States.

What are the salary expectations for the Manager, Vulnerability & Data Security role?
The salary range for this position varies based on location tier, with National at $167,100 - $208,900, Premium at $179,800 - $224,700, and Premium Plus at $195,400 - $244,400 annually, in addition to potential bonuses.

What benefits are offered to the Manager, Vulnerability & Data Security?
The company offers a comprehensive benefits package including multiple health insurance options, flexible time off, a retirement savings plan, company equity, employee stock purchase program, family-forming benefits, and access to various support services.