jobloom

Posted 11 hours ago

Vulnerability Management Lead

at Saronic

Austin, United States (Hybrid)

Responsibilities

  • Vulnerability Operations
      - Own end-to-end vulnerability lifecycle: discovery, validation, prioritization, remediation tracking, exception management, and verification across cloud, on-prem, container, and embedded Linux environments
      - Operate and optimize enterprise vulnerability scanning platforms for continuous credentialed scanning across servers, endpoints, network devices, containers, and cloud assets; maintain coverage, schedules, and configuration audit policies
      - Integrate

Requirements

  • JOB OVERVIEW: We're looking for a hands-on Vulnerability Management Lead to own Saronic's VM program end-to-end.
  • Experience with CI/CD security tooling and supply chain risk management, including build pipeline security principles
  • Proven track record driving remediation accountability across engineering teams — you know how to get vulnerabilities closed, not just reported
  • Experience aligning VM programs to federal or defense compliance frameworks; CMMC, NIST SP 800-171, or NIST RMF
  • Experience with AI-assisted vulnerability tooling, graph-based asset and exposure analysis, or automated enrichment pipelines
  • Experience with CI/CD pipeline security hardening platforms
  • Experience operating in classified or air-gapped environments
  • Scripting or automation experience (Python, PowerShell, or Bash) for scan orchestration, data normalization, API integrations, and reporting pipelines
  • Experience with container and cloud-native vulnerability management using CSP-native security tooling
  • Familiarity with NIST SP 800-218 (Secure Software Development Framework) and software supply chain security frameworks
  • Relevant certifications: CISSP, CySA+, GCSA, GCPN, Security+, or equivalent
  • PHYSICAL DEMANDS
      - Prolonged periods of sitting at a desk and working on a computer
      - Occasional standing and walking within the office
      - Manual dexterity to operate a computer keyboard, mouse, and other office

Experience

  • QUALIFICATIONS
      - 5+ years in cybersecurity with 3+ years of hands-on vulnerability management ownership in hybrid on-prem/cloud environments
      - Deep operational expertise with enterprise vulnerability scanning platforms — credentialed scanning, policy tuning, coverage management, and integration with downstream workflows
      - Strong command of CVE/CVSS scoring, CISA KEV, exploit maturity indicators, and the ability to translate technical risk into business impact for non-technical stakeholders

Benefits

  • Medical Insurance: Comprehensive health insurance plans covering a range of services. Saronic pays 100% of the premium for employees and 80% for dependents.
  • Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care. Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents.
  • Time Off: Generous PTO and Holidays
  • Parental Leave: Paid maternity and paternity leave to support new parents
  • Competitive Salary: Industry-standard salaries

Additional details

  • Saronic Technologies is a leader in revolutionizing autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations through autonomous and intelligent platforms.
  • You will be the technical authority for vulnerability discovery, triage, prioritization, remediation, and reporting across our entire environment — cloud, on-prem, embedded systems, and classified infrastructure.
  • This is an individual contributor role with significant operational and strategic ownership: you'll build and run the program, drive accountability across engineering teams, and shape the long-term VM posture as Saronic scales.
  • You're also someone who can step back, think about the program architecturally, and communicate risk clearly to leadership.
  • The right person for this role has strong opinions about how VM should work, isn't afraid to push for remediation ownership across the org, and sees automation as the path to scale.
  • experience strongly preferred
  • Metrics-driven: comfortable owning exposure reduction KPIs, SLA adherence, MTTR, and patch coverage dashboards
  • Clear, direct communicator — equally effective in a technical deep-dive and an executive briefing
  • Security clearance eligibility
  • Preferred Qualifications
      - Active Secret or TS clearance, or prior clearance history
  • As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) https://www.govinfo.gov/link/uscode/8/1324b.
  • Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
  • We are also committed to providing reasonable accommodations for qualified individuals with disabilities.
