Cybersecurity Specialist - Vulnerability Management

Cybersecurity Specialist - Vulnerability Management (Remote: Charlotte, NC*)

Optomi, in partnership with a client in the financial services space, is looking to add a Cybersecurity Specialist over Vulnerability Management! The Cyber Security Specialist over Vulnerability Management, provides strategic leadership and subject-matter expertise for the enterprise vulnerability management program. This role is responsible for defining, operating, and continuously improving vulnerability management processes across infrastructure, endpoints, cloud environments, and external attack surfaces.

The Cyber Security Specialist partners and collaborates with cloud, IT operations, SOC, risk, and executive teams to ensure exposures are identified, prioritized, remediated, and validated in line with business risk tolerance and regulatory requirements.

This role serves as a trusted advisor, translating technical risk into actionable business insight and driving accountability across teams.

The ideal candidate brings deep hands-on expertise, strong leadership presence, and a proven ability to mature vulnerability management programs in complex enterprise environments.

*Note: This role starts off as a full-time, remote contract on W2. Benefits (medical, dental and 401K) are available during the contract duration. If a candidate wants to convert full-time, they must reside in or relocate to Charlotte, NC. Otherwise, the role will continue as a contract.

Key Responsibilities

Vulnerability Management Leadership

• Lead the enterprise vulnerability management program, including tooling, processes, and governance.
• Define and enforce risk-based vulnerability prioritization standards aligned with business impact and threat intelligence.
• Oversee vulnerability discovery and data aggregation across servers, endpoints, network devices, cloud environments, and external attack surfaces.
• Establish and manage remediation SLAs, escalation paths, and accountability models across technology teams.
• Lead remediation coordination efforts with infrastructure, cloud, endpoint, and IT operations teams.
• Validate remediation effectiveness through follow-up testing and continuous monitoring.
• Identify coverage gaps and drive improvements in scanning, detection, and validation capabilities.

Risk Management, Reporting & Executive Engagement

• Translate vulnerability data into meaningful business risk narratives for senior leadership and executive audiences.
• Develop and present executive-level dashboards, metrics, and risk trends that inform decision-making.
• Provide risk-based recommendations to leadership regarding remediation prioritization and exception handling.
• Collaborate with senior leadership for any requested security exemptions.
• Support enterprise risk management, audit, and compliance initiatives related to vulnerability management.
• Maintain authoritative documentation, standards, and procedures for the vulnerability management program.

Program Maturity & Continuous Improvement

• Drive the maturity of the vulnerability management lifecycle, incorporating automation, threat intelligence, and continuous improvement practices.
• Evaluate and recommend new tools, technologies, and integrations to improve efficiency and effectiveness.
• Mentor and guide junior cybersecurity staff and contribute to team skill development.
• Act as a senior escalation point for complex vulnerability and remediation challenges.
• Required Skills & Competencies
• Expert knowledge of vulnerability management frameworks, common vulnerability classes, and risk-based prioritization models.
• Extensive hands-on experience with enterprise vulnerability management (Qualys preferred) platforms and EASM solutions.
• Strong understanding of infrastructure, cloud, endpoint, and network security architectures.
• Proven ability to lead cross-functional initiatives without direct authority.
• Strong analytical skills with the ability to synthesize large datasets into actionable insights.
• Executive-level communication skills, including the ability to influence and advise senior stakeholders.
• Cloud & Infrastructure Security: Cloud-native security tools and CSPM platforms
• Reporting & Governance: Dashboards, ticketing systems, risk tracking, and executive reporting tools

Experience Expectations

• 7+ years of progressive experience in cybersecurity, with deep specialization in vulnerability management.
• Demonstrated success owning or leading an enterprise vulnerability management program.
• Proven experience driving remediation outcomes across large, distributed technology environments.
• Education & Certification Requirements
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent professional experience.
• Cybersecurity certifications are a plus