Sr Mgr Enterprise Vulnerability Management
Elbit Systems of America, Fort Worth, TX, United States
Company Information
Elbit America is a leading provider of high-performance products, system solutions, and support services focusing on the defense, homeland security, commercial aviation, and medical instrumentation markets. With facilities throughout the United States, Elbit Systems of America is dedicated to supporting those who contribute daily to the safety and security of the United States. Elbit Systems of America, LLC is wholly owned by Elbit Systems Ltd. (NASDAQ: ESLT and TASE: ESLT), a global high‑technology company engaged in a wide range of programs for innovative defense and commercial applications. For additional information, visit: ElbitAmerica.com or follow us on YouTube.
Job Summary The Senior Manager, Enterprise Vulnerability Management, leads the enterprise vulnerability management function by developing and executing a comprehensive, risk‑based strategy to identify, assess, and remediate vulnerabilities across infrastructure, cloud platforms, applications, and third‑party services. This role defines program metrics, reports on performance to executive and board stakeholders, and establishes governance frameworks to ensure consistent, effective vulnerability management practices. The Senior Manager oversees the end‑to‑end vulnerability lifecycle, enforces operational standards, drives technical integration with leading security tools, and partners with cross‑functional teams to prioritize and resolve security risks. Additionally, this leader builds and mentors a high‑performing team, fosters a culture of security excellence, and serves as a key advisor to IT, engineering, and business stakeholders on vulnerability risk and remediation.
Key Responsibilities Program Leadership & Strategy
Lead the enterprise vulnerability management function, including strategy, execution, continuous improvement, and performance measurement.
Develop, align, and evangelize a risk‑based vulnerability posture strategy that drives timely and effective remediation across infrastructure, cloud workloads, applications, and third‑party services.
Define key performance indicators (KPIs), metrics dashboards, and executive reporting mechanisms to communicate program effectiveness to senior leaders and board stakeholders.
Operational Execution
Oversee the end‑to‑end vulnerability management lifecycle: discovery, validation, prioritization, remediation tracking, and verification of closure.
Establish and enforce standard operating procedures (SOPs), SLAs, and governance models to ensure consistent execution across business units.
Ensure continuous and automated scanning coverage leveraging industry‑leading tools (e.g., CrowdStrike, Tenable, Qualys, Rapid7, Wiz, Tanium) and integrate with ticketing and IT service management workflows.
Technical Oversight
Lead vulnerability identification across multi‑cloud, hybrid infrastructure, container platforms, and enterprise applications.
Coordinate vulnerability scanning schedules, threat intelligence integration, and risk scoring methodologies (e.g., CVSS, EPSS, internal risk models) to prioritize remediation based on exploitability and business context.
Partner with SecOps, engineering, and platform teams to ensure vulnerabilities are resolved effectively, and appropriate compensating controls are in place when necessary.
Stakeholder Collaboration
Act as a key security advisor to IT, development, risk, compliance, and business owners regarding vulnerability risk exposure and remediation planning.
Facilitate vulnerability review boards, risk committees, and cross‑team governance forums to drive accountability and risk reduction.
Team Leadership
Build, mentor, and lead a high‑performing vulnerability management team, including analysts, engineers, and automation resources.
Define career paths, set performance expectations, and promote a culture of security excellence.
Education, Experience, Knowledge & Certifications
Bachelor’s degree in computer science, information security, cybersecurity, or related discipline required; master’s degree preferred.
10+ years of progressive experience in information security with significant exposure to vulnerability management and enterprise risk programs.
Minimum 5+ years managing vulnerability programs.
3–5+ years of direct people management experience, including building and leading technical teams (analysts, engineers, or program staff).
Proven experience operating vulnerability management at scale for large, distributed environments (on‑premises, cloud, hybrid) and coordinating across multiple global business units.
Hands‑on knowledge of vulnerability tools (Tenable, Qualys, Rapid7, ServiceNow VR, Wiz, etc.) and automation frameworks.
Skills And Abilities
Strong communicator with the ability to translate technical issues into business risks for executives.
Strategic thinker with a proactive, automation‑first mindset.
Collaborative leader who can influence cross‑organizational remediation and improve security outcomes.
Preferred Skills & Certifications
Certifications such as CISSP, CISM, CRISC, CISA, or GIAC vulnerability/assessment specialties (GPEN, GCIA, etc.).
Benefits
Most locations offer a 9/80 schedule, providing every other Friday off.
Competitive compensation & 401(k) program to plan for your future.
Robust medical, dental, vision, & disability coverage with qualified wellness discounts.
Basic life insurance and additional life & AD&D insurances are available.
Flexible vacation & PTO.
Paid parental leave.
Generous employee referral program.
Voluntary benefits available: longer‑term care, legal, identity theft, pet insurance, and more.
Voluntary Tricare supplement available for military retirees.
This job description does not list all the duties of the job. You may be asked by your supervisors or managers to perform other duties. The employer has the right to revise this job description at any time. The job description is not an employment contract. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Elbit America is an equal‑opportunity employer as to all protected groups, including protected veterans and individuals with disabilities.
If you encounter issues with your application, please email TalentAcquisition@ElbitAmerica.com.
#J-18808-Ljbffr
Job Summary The Senior Manager, Enterprise Vulnerability Management, leads the enterprise vulnerability management function by developing and executing a comprehensive, risk‑based strategy to identify, assess, and remediate vulnerabilities across infrastructure, cloud platforms, applications, and third‑party services. This role defines program metrics, reports on performance to executive and board stakeholders, and establishes governance frameworks to ensure consistent, effective vulnerability management practices. The Senior Manager oversees the end‑to‑end vulnerability lifecycle, enforces operational standards, drives technical integration with leading security tools, and partners with cross‑functional teams to prioritize and resolve security risks. Additionally, this leader builds and mentors a high‑performing team, fosters a culture of security excellence, and serves as a key advisor to IT, engineering, and business stakeholders on vulnerability risk and remediation.
Key Responsibilities Program Leadership & Strategy
Lead the enterprise vulnerability management function, including strategy, execution, continuous improvement, and performance measurement.
Develop, align, and evangelize a risk‑based vulnerability posture strategy that drives timely and effective remediation across infrastructure, cloud workloads, applications, and third‑party services.
Define key performance indicators (KPIs), metrics dashboards, and executive reporting mechanisms to communicate program effectiveness to senior leaders and board stakeholders.
Operational Execution
Oversee the end‑to‑end vulnerability management lifecycle: discovery, validation, prioritization, remediation tracking, and verification of closure.
Establish and enforce standard operating procedures (SOPs), SLAs, and governance models to ensure consistent execution across business units.
Ensure continuous and automated scanning coverage leveraging industry‑leading tools (e.g., CrowdStrike, Tenable, Qualys, Rapid7, Wiz, Tanium) and integrate with ticketing and IT service management workflows.
Technical Oversight
Lead vulnerability identification across multi‑cloud, hybrid infrastructure, container platforms, and enterprise applications.
Coordinate vulnerability scanning schedules, threat intelligence integration, and risk scoring methodologies (e.g., CVSS, EPSS, internal risk models) to prioritize remediation based on exploitability and business context.
Partner with SecOps, engineering, and platform teams to ensure vulnerabilities are resolved effectively, and appropriate compensating controls are in place when necessary.
Stakeholder Collaboration
Act as a key security advisor to IT, development, risk, compliance, and business owners regarding vulnerability risk exposure and remediation planning.
Facilitate vulnerability review boards, risk committees, and cross‑team governance forums to drive accountability and risk reduction.
Team Leadership
Build, mentor, and lead a high‑performing vulnerability management team, including analysts, engineers, and automation resources.
Define career paths, set performance expectations, and promote a culture of security excellence.
Education, Experience, Knowledge & Certifications
Bachelor’s degree in computer science, information security, cybersecurity, or related discipline required; master’s degree preferred.
10+ years of progressive experience in information security with significant exposure to vulnerability management and enterprise risk programs.
Minimum 5+ years managing vulnerability programs.
3–5+ years of direct people management experience, including building and leading technical teams (analysts, engineers, or program staff).
Proven experience operating vulnerability management at scale for large, distributed environments (on‑premises, cloud, hybrid) and coordinating across multiple global business units.
Hands‑on knowledge of vulnerability tools (Tenable, Qualys, Rapid7, ServiceNow VR, Wiz, etc.) and automation frameworks.
Skills And Abilities
Strong communicator with the ability to translate technical issues into business risks for executives.
Strategic thinker with a proactive, automation‑first mindset.
Collaborative leader who can influence cross‑organizational remediation and improve security outcomes.
Preferred Skills & Certifications
Certifications such as CISSP, CISM, CRISC, CISA, or GIAC vulnerability/assessment specialties (GPEN, GCIA, etc.).
Benefits
Most locations offer a 9/80 schedule, providing every other Friday off.
Competitive compensation & 401(k) program to plan for your future.
Robust medical, dental, vision, & disability coverage with qualified wellness discounts.
Basic life insurance and additional life & AD&D insurances are available.
Flexible vacation & PTO.
Paid parental leave.
Generous employee referral program.
Voluntary benefits available: longer‑term care, legal, identity theft, pet insurance, and more.
Voluntary Tricare supplement available for military retirees.
This job description does not list all the duties of the job. You may be asked by your supervisors or managers to perform other duties. The employer has the right to revise this job description at any time. The job description is not an employment contract. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Elbit America is an equal‑opportunity employer as to all protected groups, including protected veterans and individuals with disabilities.
If you encounter issues with your application, please email TalentAcquisition@ElbitAmerica.com.
#J-18808-Ljbffr