Lead Vulnerability Management Engineer

We are in search of a skilled Lead Vulnerability Management Engineer to join our security operations team and lead efforts in securing our technology landscape.
This position requires broad expertise in security engineering and operations, with a specialized focus on vulnerability management. As a lead, you will oversee the design, execution, and optimization of our vulnerability management program while mentoring team members and driving organizational accountability for security practices.
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

• Design, lead, execute, and continuously improve a comprehensive vulnerability management program, ensuring the proactive identification, prioritization, and remediation of security vulnerabilities
• Mentor and guide team members in vulnerability management best practices while fostering a culture of security awareness across organizational teams
• Partner with IT, network operations, application development, and compliance teams to enforce effective resolution of vulnerability issues and improve cross-functional collaboration
• Perform and oversee regular vulnerability assessments and penetration testing, offering advanced recommendations and detailed remediation guidance
• Establish, update, and enforce policies, procedures, and documentation for vulnerability management in alignment with industry standards, compliance mandates, and organizational goals
• Lead the monitoring of vulnerability feeds, security advisories, and threat intelligence, anticipating and mitigating risks from emerging threats
• Manage the operations of vulnerability scanning across cloud-native environments, enterprise systems, and third-party integrations, ensuring comprehensive reporting and risk assessment
• Collaborate with engineering and operations teams to prioritize and deploy critical security patches, adjustments, or mitigations in time-sensitive scenarios
• Develop and present vulnerability management metrics, analysis, and progress reports to executive leadership, articulating risk in relation to business objectives
• Coordinate and oversee incident responses for issues stemming from identified vulnerabilities, ensuring resolution aligns with established SLAs

• 5+ years of experience in a related role, encompassing vulnerability management and broader information security responsibilities
• At least 1 year of relevant leadership experience
• Relevant degree, recognized advanced cybersecurity certifications such as CISSP, OSCP, CEH, or related experience
• Extensive expertise in vulnerability scanning and management tools such as Prisma, Rapid7, Contrast, Defender, AWS Inspector, Wiz, and emerging technologies
• In-depth knowledge of vulnerability management frameworks, advanced penetration testing methodologies, and current industry-leading practices
• Proven ability to evaluate and manage vulnerabilities across complex, hybrid environments including networks, systems, applications, and multi-cloud architectures
• Exceptional troubleshooting and strategic decision-making skills with an emphasis on attention to detail and operational efficiency
• Strong leadership, communication, and collaboration skills with demonstrated experience engaging both technical and non-technical stakeholders
• Proven ability to translate technical findings into business-relevant context for reporting to senior management or decision-makers

• Connectivity Bonus (15,000 ARS are paid with a salary receipt at the end of each month as a non-wages concept)
• Medicina Prepaga (It covers the collaborator and direct family group)
• Paternity Leave (Two additional days are added to what is established by law, total of 4 days)
• Discounts card
• English Training (English lessons, twice per week)
• Training Program (Access to multiple customized training plans according to the needs of each role within the company)
• Marriage bonus (The company doubles the allowance established by law that ANSES offers)
• Referral Program (Referral bonus is paid when the referral of a collaborator joins the Company)
• External Agreements and Discounts
• Vacations: 14 calendar days a year