Manager, Security Operations (Vulnerability Management)

Manager, Security Operations (Vulnerability Management)

Type: Permanent/FTE

Location: Hybrid, 3x/week in Etobicoke

Our client, is seeking a Manager, Security Operations to lead and mature their Vulnerability Management (VM) program. This role will provide leadership to a small team of analysts while driving the evolution, effectiveness, and stability of vulnerability management practices across the organization.

This is an excellent opportunity for a security leader who combines strong vulnerability management expertise with program leadership and cross-functional collaboration skills. The successful candidate will play a key role in strengthening the security posture in a highly regulated, payments-driven environment.

• Lead the day-to-day execution and continuous improvement of the Vulnerability Management program
• Provide input and recommendations to inform future VM roadmap decisions
• Execute the Vulnerability Management strategy and roadmap defined by senior security leadership
• Support audit readiness and participate in audit-related discussions
• Identify program gaps and propose remediation plans for review and approval by senior security leadership

• Oversee vulnerability identification, prioritization, and remediation tracking
• Guide the team on risk-based vulnerability prioritization
• Provide input on improving integrations between VM tools and ticketing platforms
• Troubleshoot program challenges and drive resolution across teams
• Ensure effective reporting and metrics around vulnerability posture

• Manage and mentor a team of vulnerability management analysts
• Provide coaching, performance management, and development support
• Foster a collaborative and accountable team culture

• Lead cross-functional discussions with infrastructure, application, and platform teams
• Drive remediation accountability in partnership with senior security leadership, escalating risks and blockers through defined governance channels
• Partner with GRC and risk teams where required
• Manage day-to-day engagement with third-party VM and penetration testing vendors, in alignment with contracts and strategy

• 6+ years in Cybersecurity, with strong focus on Vulnerability Management
• Experience building, maturing, or improving a VM program
• Prior people management or team lead experience
• Experience working in regulated environments (e.g., payments, financial services, fintech, telecom, SaaS)
• Experience supporting audits and compliance-driven security programs

Strong understanding of:

• Vulnerability management lifecycle and best practices
• Risk-based vulnerability prioritization
• Security controls and remediation strategies
• Enterprise vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7, Defender, etc.)
• Ticketing/workflow tools such as ServiceNow or Jira

Note: Hands-on scanning or scripting is not required, but conceptual knowledge is beneficial.

• Strong communication and stakeholder management skills
• Ability to influence and drive action across teams
• Collaborative and proactive leadership style
• Comfortable operating in a fast-paced environment
• Confident in leading technical and risk discussions