Position Details

Salary $180K – $200K USD / year

Type Full-Time

Experience senior

Exp. Years 10+ years

Education Not specified

Category Cybersecurity

About this role

Senior security advisory role focusing on enterprise-scale threat & vulnerability management, leading strategy, governance, and remediation programs across hybrid environments with executive engagement.

Key Responsibilities

Advise and oversee client projects on Threat & Vulnerability Management strategy, operating models, and multi-year maturity roadmaps
Translate business and data risks into threat and vulnerability management priorities
Align programs to frameworks (NIST, ISO, MITRE ATT&CK-informed)
Define governance models, roles, and RACI structures
Drive operationalization of CTEM strategies into repeatable enterprise processes

Technical Overview

Leads in TVM strategy, CTEM, exposure validation, threat-informed defense; familiar with VM tooling (Tenable, Qualys, Rapid7, Microsoft); cloud, on-prem, compute, containers; automation and dashboards for CISO/CIO/board.

Ideal Candidate

The ideal candidate is a senior TVM consultant with 10+ years in cybersecurity and 7-10+ years in consulting, capable of leading enterprise-scale vulnerability management programs, and delivering executive-level risk insights.

Must-Have Skills

10+ years in cybersecurity with focus on threat and vulnerability management7-10+ years in cybersecurity consulting/advisoryProven experience operationalizing enterprise-scale vulnerability and remediation programsExperience coordinating remediation across infrastructurenetworkcloudand application teamsStrong understanding of attacker TTPs and threat-informed defense

Nice-to-Have Skills

Experience in financial serviceshealthcareor regulated industriesKnowledge of cloud and container security exposure managementFamiliarity with attack surface managementCISSPCISMGIACExperience with major VM platforms (TenableQualysRapid7Microsoftetc.)Automation/orchestration for remediation workflowsExecutive dashboards and reporting frameworks

Tools & Platforms

TenableQualysRapid7Microsoft

Required Skills

Threat & Vulnerability ManagementTVMCTEMexposure managementMITRE ATT&CK-informed approachesNISTISOgovernance modelsremediationpatch managementcloud platforms and servicesinfrastructurenetworkapplicationvulnerability scanningexecutive reportingKPI/SLAsdashboardingconsulting/advisory

Hard Skills

Threat & Vulnerability ManagementTVMCTEMexposure managementMITRE ATT&CK-informed approachesNISTISOgovernance modelsExecutive reportingboard-level reporting

Soft Skills

Executive communicationStakeholder managementStrategic advisoryMentorshipCollaborative leadership

Certifications

Preferred

CISSPCISMGIAC

Industry & Role

Industry Technology

Job Function Provide advisory and delivery leadership for enterprise-scale Threat & Vulnerability Management programs.

Role Subtype Security Architect

Tech Domains Cybersecurity, Cloud, ITSM / ServiceNow, VMware, Microsoft, Security, Networking / TCP-IP

Keywords for Your Resume

Threat & Vulnerability ManagementTVMCTEMexposure managementMITRE ATT&CK-informed approachesNISTISOgovernance modelsremediationpatch managementcloudon-premhybridenterprise-scaleexecutive reportingboard-level reportingCISOCIOconsultingExecutive reporting

Deal Breakers

Less than 10 years in cybersecurity, No TVM or advisory experience, No consulting experience

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

Security Solutions Principal - Threat and Vulnerability Management (TVM)

Get matched to jobs like this