Director, Vulnerability Management jobs in United States
cer-icon
Apply on Employer Site
company-logo

HarbourVest Partners · 1 day ago

Director, Vulnerability Management

positionBoston, MA
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$172K/yr - $258K/yr
date5+ years exp

HarbourVest Partners is a global firm that has been delivering impactful solutions for over forty years. They are seeking a Director of Vulnerability Management to oversee the vulnerability lifecycle, manage incident response efforts, and develop strategies for risk reduction across the enterprise.

Asset ManagementFinanceFinancial ServicesVenture Capital
check
Growth Opportunities
check
H1B Sponsor Likelynote

Responsibilities

Develop, lead and be accountable end to end for the enterprise vulnerability management strategy, roadmap, and program
Oversee vulnerability scanning, risk assessments, and prioritization processes across infrastructure, applications, containers, cloud environments, and critical third parties
Own vulnerability management platforms, ensuring optimal configuration, tuning, and coverage
Partner with Technology and business teams, and asset owners to drive remediation and track progress
Provide threat-based prioritization of vulnerabilities using CVSS, threat intelligence, exploitability data, and business context
Lead the response to high-profile vulnerabilities (e.g., zero-days, critical CVEs) with timely impact analysis and coordinated remediation actions
Develop and present executive-level reporting on vulnerability trends, KRIs, KPIs, and risk posture
Maintain compliance with relevant standards and frameworks (e.g., NIST CSF 2.0)
Own governance for exception handling and risk acceptance processes related to un-remediated vulnerabilities
Lead, mentor, and grow a team of vulnerability analysts
Develop awareness campaigns to promote the importance of vulnerability management and compliance across the organization
Oversee and track enterprise-wide SLA compliance for vulnerability remediation, focusing on timely resolution across all asset classes
Analyze SLA trends, identify non-compliance patterns, and work with asset owners to address gaps
Escalate risks related to overdue vulnerabilities to leadership in accordance with established protocols
Design, maintain, and optimize dashboards and reporting mechanisms to provide actionable insights for executives, asset owners, and security teams
Stay informed on industry trends, tools, and best practices to recommend and implement program improvements

Qualification

Vulnerability managementCybersecurity frameworksCloud platformsRisk managementVulnerability scanning technologiesThreat modelingProgram managementTechnical team managementStakeholder engagementRelevant certificationsCommunicationProblem-solvingInitiative

Required

Bachelor's degree or higher in Computer Science, Information Security, Engineering, or related field
5+ years of experience in cybersecurity, with at least 3 years in a leadership or management capacity
Proven experience building or leading a mature vulnerability management program at scale
Deep understanding of vulnerability scanning technologies, CVSS scoring, and threat modeling
Strong knowledge of cloud platforms (AWS, Azure), and container security
Familiarity with compliance frameworks and standards
Experience managing and mentoring technical teams and working cross-functionally with non-security teams
Excellent communication and stakeholder engagement skills with the ability to convey complex risk topics to executive audiences
Strong program management skills with a solid understanding of vulnerability management, governance, and stakeholder engagement
Strong problem-solving skills, flexibility, and the ability to take initiative
Excellent communication skills and the ability to work cross-functionally with Engineering, Product, and DevOps

Preferred

Relevant certifications (e.g., CISSP, CISM, OSCP, or similar) preferred
Experience integrating vulnerability management with SIEM, ticketing, and asset management tools
Strong understanding of risk management and cyber risk quantification
BS in Computer Science, Information Security, or equivalent work experience

Benefits

Discretionary annual bonus
Long-term reward programs
Comprehensive total rewards package
Retirement
Health
Insurance
Paid time off
Wellness programs

Company

HarbourVest Partners

twittertwitter
Glassdoor4.4
company-logo
HarbourVest Partners is a private markets firm providing solutions to help clients invest in primary funds, real assets, and private credit.
dateFounded in 1982
location
Boston, Massachusetts, USA
people-size1001-5000 employees
web-link
http://www.harbourvest.com

H1B Sponsorship

HarbourVest Partners has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3)
2023 (2)
2021 (1)
2020 (1)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Tricia Mackechnie
Managing Director and Chief Technology Officer
linkedin
leader-logo
Aliza Firestone-Goren
Senior Vice President

Recent News

Secondaries Investor
Dawson emerges as a buyer on HVPE’s portfolio sale
2025-12-25
DealStreetAsia
Beyond the Buyout: A year of reset and recalibration for PE in Asia
2025-12-19
Inc42 Media
Funds Worth Over $12.1 Bn+ Launched For Indian Startups In 2025
2025-12-03
Company data provided by crunchbase