All roles

Open role

[Remote] Vulnerability & Cloud Security Program Manager

Remote · Sri Lanka Full-time

Note: The job is a remote job and is open to candidates in USA. NinjaOne is a company that automates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 40,000 customers. They are seeking a Vulnerability & Cloud Security Program Manager to lead the enterprise vulnerability management and cloud security posture management programs, ensuring timely identification and remediation of risks across various environments.

Responsibilities

  • Lead and operate the full vulnerability management and CSPM lifecycle, ensuring timely discovery, assessment, prioritization, and remediation
  • Administer and optimize our vulnerability management and CSPM platforms, including policies, integrations, reporting, and automation
  • Monitor cloud and infrastructure environments to identify misconfigurations, excessive permissions, and compliance drift, primarily in AWS
  • Partner with engineering and DevOps teams to drive remediation efforts, facilitate triage discussions, and provide technical guidance on complex issues
  • Align security practices with frameworks such as FedRAMP, NIST CSF, ISO 27001, and CIS Controls
  • Track and report key KPIs and risk metrics to leadership, including SLA compliance and vulnerability trends
  • Automate detection, remediation workflows, and tool integrations to enhance efficiency and expand security capabilities
  • Other duties as needed

Skills

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience
  • 5+ years of experience in vulnerability management and at least 2+ years in cloud security
  • Strong understanding of AWS security best practices and cloud-native architectures
  • Familiarity with vulnerability scoring systems like CVSS and risk-based prioritization
  • Excellent communication, collaboration, and stakeholder management skills
  • Hands-on experience with CSPM tools, vulnerability detection platforms, and automation (Wiz, AWS Inspector, Nessus, OpenSCAP preferred)
  • Security certifications such as CISSP, AWS Security Specialty, or GIAC Cloud Security are a plus
  • Preferred knowledge of regulatory and compliance frameworks such as PCI DSS, HIPAA, SOX, FedRAMP

Benefits

  • Comprehensive benefits package, which includes medical, dental, and vision insurance
  • 401(k) plan
  • Unlimited PTO
  • Life insurance coverage and PTO
  • Free and unlimited onboarding, training, and support
  • Hybrid remote
  • Opportunity for growth and advancement

Company Overview

  • NinjaOne serves as an IT platform for endpoint management that enhances productivity, minimizes risks, and lowers overall IT expenses. It was founded in 2013, and is headquartered in Austin, Texas, USA, with a workforce of 1001-5000 employees. Its website is https://www.ninjaone.com.
  • More open positions