Vulnerability Manager

CoinsPaid

πŸ“Remote

Summary

Join CoinsPaid, a leading crypto payment solutions provider, as their skilled and strategic Vulnerability Manager. Lead and evolve the organization-wide vulnerability management program, embedding proactive risk mitigation practices. You will have full ownership of the vulnerability management strategy, tooling, and governance model across diverse technical environments. As the program scales, you’ll have the opportunity to grow and mentor a team, drive automation and orchestration initiatives, and ensure security is foundational to our technology ecosystem. This pivotal role requires a deep understanding of vulnerability lifecycle management and risk prioritization. You will work closely with various teams to embed security into workflows and maintain compliance. CoinsPaid offers a rewarding work environment within a rapidly growing international company.

Requirements

  • 5+ years of experience in cybersecurity, including 2+ years in a leadership or senior role focused on vulnerability management
  • Deep understanding of vulnerability lifecycle management, risk prioritization, and remediation workflows
  • Proven experience building or scaling vulnerability programs in complex, distributed environments (including cloud and hybrid infrastructures)
  • Strong cross-functional collaboration skills, with the ability to influence and partner with IT, engineering, and executive stakeholders
  • Hands-on experience with vulnerability scanning tools and ticketing/reporting systems (e.g., Tenable, Qualys, ServiceNow, Jira)
  • Familiarity with standards and frameworks such as CVSSv3, EPSS, OWASP, NIST, MITRE ATT&CK, and emerging threat models
  • Professional-level English communication skills (B1-C1 or higher), including documentation, reporting, and executive briefings

Responsibilities

  • Lead the vulnerability management program end-to-end: strategy, governance, tooling, and process development
  • Develop and implement a risk-based methodology for vulnerability discovery and prioritization, considering threat intelligence and business impact
  • Oversee vulnerability detection and remediation across all environments: infrastructure, cloud, containers, workstations, and applications
  • Manage deployment, tuning, and optimization of scanning tools (e.g., Tenable, Qualys, Rapid7, OpenVAS)
  • Drive continuous improvement through automation and integration with IT and security ecosystems
  • Define, track, and report KPIs/metrics to assess program effectiveness and maturity
  • Work closely with DevOps, IT, and product teams to embed security into CI/CD pipelines and design secure-by-default systems
  • Ensure alignment with security frameworks and compliance standards (e.g., ISO 27001, PCI DSS, SOC 2)
  • Represent the vulnerability management function during audits, executive reviews, and cross-functional security governance forums
  • Establish SLAs and exception handling processes for vulnerability remediation across business units
  • Act as a subject matter expert to guide teams on remediation strategies and secure architecture decisions
  • Collaborate with threat intelligence and engineering teams to contextualize and prioritize vulnerabilities
  • Maintain dashboards and reporting for executive stakeholders to communicate vulnerability trends and risk exposure
  • Evaluate and introduce new technologies that enhance detection, prioritization, and remediation capabilities
