Vulnerability Management Lead

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

We are seeking a detail-oriented and analytical Vulnerability Management Lead to join our managed cybersecurity team. Managed Security Service Providers (MSSPs) act as vital partners in the ongoing battle against cyber threats for our clients. To excel in this environment, a Vulnerability Management Leader must move beyond simple scanning to provide proactive, risk-based strategies that ensure client resilience. The ideal candidate will possess strong critical thinking skills and a proactive approach to identifying, assessing, and mitigating vulnerabilities within clients’ systems and networks. Being able to convert technical data into Client-friendly prioritized business risk mitigation strategies.  This role is essential in ensuring the security and integrity of our clients’ information assets and will involve collaboration with various teams to enhance their overall security posture.

Key Responsibilities

• Strategic Leadership: Develop and execute a comprehensive vulnerability management strategy that aligns with global business objectives and regulatory requirements.
• Risk-Based Prioritization: Use advanced frameworks like Continuous Threat Exposure Management (CTEM) and Unified Vulnerability Management (UVM) to prioritize remediation based on business impact and actual exploitability.
• Client Experience & Outcomes: Serve as a subject matter expert (SME) for clients, converting complex technical data into actionable insights and strategic recommendations.
• Managed Service Excellence: Oversee the end-to-end vulnerability lifecycle—discovery, assessment, remediation, and verification—to ensure strict adherence to client SLAs and quality standards.
• Program Maturity: Develop and track sophisticated metrics, including KPIs and KRIs, to demonstrate program effectiveness and drive continuous improvement.
• Cross-Functional Collaboration: Partner with Incident Response, Threat Intelligence, Cyber Strategy, Security Operations, and Penetration Testing teams to provide a holistic view of the threat landscape.
• Inter-Departmental Liaison: Act as the primary bridge between the Vulnerability Management pod and the Security Operations Center (SOC) to ensure seamless intelligence sharing.
• Talent Mentorship: Actively coach and mentor a global team of vulnerability analysts and engineers, fostering a culture of Continuous Learning and professional growth.

Preferred Requirements & Qualifications

• Experience: 6–10+ years in vulnerability management or cybersecurity leadership, ideally within an MSSP or global enterprise environment.
• Technical Depth: Expert proficiency with enterprise tools such as Tenable, Qualys, Rapid7, and Wiz.
• Risk Mindset: Deep understanding of risk management methodologies, CVSS scoring, and the MITRE ATT&CK framework.
• Communication: Exceptional ability to communicate complex risk strategies to both technical teams and executive leadership.
• Certifications: Preferred credentials include CISSP, CISM, or specialized cloud security certifications.

Education

• Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field (Master's or MBA preferred for leadership roles).

At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.

All applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender; sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law. 

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call us at 800-274-3978 or send us an email at [email protected].

RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college / university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.

RSM will consider for employment qualified applicants with arrest or conviction records. For those living in California or applying to a position in California, please click here for additional information.

At RSM, an employee’s pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.