Security Vulnerability Management Architect

Client - This role is with a major U.S.-based telecom leader known for its large-scale network infrastructure and enterprise solutions

Job Title - Security Vulnerability Management Architect - 100% Remote

Type - Contract to hire

Location - Remote

Position Summary

We are seeking a highly skilled and hands-on Security Vulnerability Management Architect to lead the design, implementation, and continuous improvement of the enterprise vulnerability management program. This role combines strategic architecture responsibilities with operational execution, requiring deep technical expertise in vulnerability assessment, remediation orchestration, threat prioritization, and security tooling.

The ideal candidate will be capable of defining enterprise-wide vulnerability management strategy while also actively performing technical assessments, integrating security tools, automating workflows, and collaborating closely with infrastructure, cloud, DevOps, and application teams.

Key Responsibilities

Vulnerability Management Strategy & Architecture

• Design and maintain the enterprise vulnerability management framework, standards, processes, and governance model.
• Develop vulnerability prioritization methodologies using CVSS, threat intelligence, exploitability, business criticality, and exposure context.
• Architect scalable vulnerability management solutions across:
• On-prem infrastructure
• Cloud environments (AWS, Azure, GCP)
• Containers and Kubernetes
• Endpoints and servers
• Applications and APIs
• Network devices
• Define SLAs, KPIs, and reporting metrics for remediation tracking and compliance.
• Establish integration architecture between vulnerability scanners, CMDB, SIEM, ticketing systems, and asset inventory platforms.

Hands-On Technical Responsibilities

• Perform vulnerability assessments, scans, validation, and remediation verification.
• Configure, administer, and optimize tools such as:
• Tenable / Nessus
• Qualys
• Rapid7 InsightVM
• Prisma Cloud
• Wiz
• Microsoft Defender

Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• CrowdStrike
• Burp Suite
• Snyk
• Conduct authenticated and unauthenticated scanning.
• Analyze scan results and eliminate false positives.
• Validate vulnerabilities manually using scripts, command-line tools, and proof-of-concept testing.
• Develop automation scripts using Python, PowerShell, Bash, or APIs.
• Build dashboards and reporting for executives and technical stakeholders.
• Support patch validation and remediation testing activities.

Cloud & DevSecOps Responsibilities

• Integrate vulnerability management into CI/CD pipelines and DevSecOps processes.
• Implement container and image scanning solutions.
• Partner with engineering teams to shift vulnerability detection left.
• Evaluate Infrastructure-as-Code (IaC) security risks.
• Automate security checks within deployment workflows.

Threat & Risk Management

• Correlate vulnerabilities with threat intelligence and active exploitation trends.
• Conduct risk-based vulnerability prioritization.
• Support incident response teams during vulnerability-related security incidents.
• Track emerging vulnerabilities, zero-days, and remediation guidance.

Collaboration & Leadership

• Work closely with infrastructure, application, cloud, and SOC teams.
• Provide remediation guidance and security best practices.
• Lead vulnerability review meetings and risk discussions.
• Mentor junior security engineers and analysts.
• Influence enterprise security architecture decisions.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• 8+ years of cybersecurity experience.
• 5+ years specifically in vulnerability management or security engineering.

Strong understanding of:

• Operating systems (Windows/Linux)
• Networking and protocols
• Cloud security
• Web application security
• Patch management processes
• Security architecture principles
• Experience with enterprise vulnerability management platforms.
• Strong scripting/automation skills.
• Experience with SIEM and ticketing integrations.
• Knowledge of MITRE ATT&CK, CVSS, CWE, and CVE frameworks.

Preferred Qualifications

• Experience in large enterprise or regulated environments.
• Familiarity with compliance frameworks:
• PCI-DSS
• ISO 27001
• NIST
• CIS Controls
• SOX
• HIPAA
• Experience with exposure management and attack surface management platforms.
• Knowledge of penetration testing methodologies.

Preferred Certifications

• CISSP
• GIAC (GPEN, GSEC, GMON, or similar)
• CEH
• OSCP
• AWS/Azure Security Certifications
• Security+
• Certified Vulnerability Assessor certifications