Lead Vulnerability Management Engineer

We are in search of a skilled **Lead Vulnerability Management Engineer**to join our security operations team and lead efforts in securing our technology landscape.This position requires broad expertise in security engineering and operations, with a specialized focus on vulnerability management. As a lead, you will oversee the design, execution, and optimization of our vulnerability management program while mentoring team members and driving organizational accountability for security practices.**Responsibilities**- Design, lead, execute, and continuously improve a comprehensive vulnerability management program, ensuring the proactive identification, prioritization, and remediation of security vulnerabilities- Mentor and guide team members in vulnerability management best practices while fostering a culture of security awareness across organizational teams- Perform and oversee regular vulnerability assessments and penetration testing, offering advanced recommendations and detailed remediation guidance- Establish, update, and enforce policies, procedures, and documentation for vulnerability management in alignment with industry standards, compliance mandates, and organizational goals- Lead the monitoring of vulnerability feeds, security advisories, and threat intelligence, anticipating and mitigating risks from emerging threats- Manage the operations of vulnerability scanning across cloud-native environments, enterprise systems, and third-party integrations, ensuring comprehensive reporting and risk assessment- Collaborate with engineering and operations teams to prioritize and deploy critical security patches, adjustments, or mitigations in time-sensitive scenarios- Develop and present vulnerability management metrics, analysis, and progress reports to executive leadership, articulating risk in relation to business objectives- Coordinate and oversee incident responses for issues stemming from identified vulnerabilities, ensuring resolution aligns with established SLAs**Requirements**:- 5+ years of experience in a related role, encompassing vulnerability management and broader information security responsibilities- At least 1 year of relevant leadership experience- Relevant degree, recognized advanced cybersecurity certifications such as CISSP, OSCP, CEH, or related experience- Extensive expertise in vulnerability scanning and management tools such as Prisma, Rapid7, Contrast, Defender, AWS Inspector, Wiz, and emerging technologies- In-depth knowledge of vulnerability management frameworks, advanced penetration testing methodologies, and current industry-leading practices- Exceptional troubleshooting and strategic decision-making skills with an emphasis on attention to detail and operational efficiency- Strong leadership, communication, and collaboration skills with demonstrated experience engaging both technical and non-technical stakeholders- Proven ability to translate technical findings into business-relevant context for reporting to senior management or decision-makers**We offer**- Career plan and real growth opportunities- Unlimited access to LinkedIn learning solutions- International Mobility Plan within 25 countries- Constant training, mentoring, online corporate courses, eLearning and more- English classes with a certified teacher- Support for employee’s initiatives (Algorithms club, toastmasters, agile club and more)- Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)- Flexible work schedule and dress code- Collaborate in a multicultural environment and share best practices from around the globe- Hired directly by EPAM & 100% under payroll- Law benefits (IMSS, INFONAVIT, 25% vacation bonus)- Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)- 13 % employee savings fund, capped to the law limit- Grocery coupons- 30 days December bonus- Employee Stock Purchase Plan- 12 vacations days plus 4 floating days- Official Mexican holidays, plus 5 extra holidays (Maundry Thursday and Friday, November 2nd, December 24th & 31st)- Monthly non-taxable amount for the electricity and internet billsEPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.