Associate Director of Vulnerability Management
Listed on 2026-03-12
IT/Tech
Cybersecurity
Equal Employment Opportunity/M/F/disability/protected veteran status
Position Title: Associate Director of Vulnerability Management
Location: Albany, NY
Category: Administrative
Posted On: Mon Feb 9 2026
Job Description: Job Description for Associate Director of Vulnerability Management
JOB SUMMARY
The Associate Director of Vulnerability Management is the organization's authoritative owner of the end-to-end Vulnerability Management (VM) program, responsible for architecting, deploying, operationalizing, and continuously maturing a risk-based scanning and remediation ecosystem across NY Creates (NYC) research labs, semiconductor fabrication facilities, hybrid cloud environments, OT/ICS assets, and regulated data systems. This role serves as the hands‑on technical lead for the Tenable Security Center / Tenable.io (Nessus) platform suite, driving full lifecycle implementation from initial proof‑of‑concept and federated deployment to credentialed agent‑based scanning, custom policy creation, dashboard orchestration, and integration with SOAR, CMDB, and ticketing workflows. With deep engineering expertise in asset discovery, authenticated scanning, CVE prioritization using CVSS v3.1+ and EPSS, and remediation orchestration, the VM Lead translates raw vulnerability data into prioritized, executive‑actionable risk intelligence while enforcing SLAs for patch deployment, exception management, and compliance reporting (NIST 800‑171, CMMC 2.0, NY DFS).
The incumbent operates with surgical precision in high‑assurance environments, automates at scale, mentors junior staff, and partners with IT, DevOps, and Engineering to embed security into the software and hardware lifecycle.
- Own the full Tenable technology stack: Security Center (on‑prem), Tenable.io (cloud), Nessus Professional/Agents, Nessus Network Monitor (NNM), and Tenable.cs (cloud security); perform version upgrades, HA clustering, and disaster recovery testing.
- Design and implement authenticated, agent‑based scanning architecture covering Windows, Linux, macOS, container runtimes (Docker, Podman), Kubernetes clusters, AWS/AMIs, Azure VMs, and GCP instances.
- Build and maintain custom scan policies, compliance benchmarks (CIS, DISA STIG, NIST 800‑53), and plugin families tailored to semiconductor R&D tools, clean‑room systems, and HPC clusters.
- Operationalize asset discovery via active (Nessus) and passive (NNM, PVS) sensors; integrate with CMDB, ITSM, and IPAM for dynamic asset grouping and ownership assignment.
- Develop risk‑scoring models combining CVSS, EPSS, KEV (CISA Known Exploited Vulnerabilities), threat intel context, and business criticality; automate prioritization via Tenable APIs and SOAR playbooks.
- Orchestrate remediation workflows: auto‑ticket creation in ServiceNow/Jira, SLA tracking, patch deployment via WSUS, Ansible, Tanium, or SCCM, and validated closure with re‑scan.
- Lead vulnerability triage war‑room sessions with system owners, patch engineers, and application teams; negotiate risk‑based exceptions with documented compensating controls.
- Produce weekly executive dashboards (Tenable Lumin/Exposure View) and monthly trend reports on MTTR, patch compliance, and risk reduction; support audit evidence for CMMC, NIST 800‑171, and insurance renewals.
- Integrate VM data into SOAR for automated containment (e.g., isolate unpatched assets via NAC/micro‑segmentation) and enrichment with CTI IOCs.
- Perform end‑to‑end VM program maturity assessments; author policies, standards, and procedures aligned to NIST 800‑40, CIS Control 7, and MITRE ATT&CK T1595.
- Conduct red‑team validated scanning exercises; tune out false positives, optimize scan windows, and minimize performance impact on production fab tools.
- Train and mentor Tier 1/2 analysts on Nessus agent deployment, scan interpretation, and remediation best practices; develop internal certification path.
- Stay ahead of emerging VM technologies (e.g., attack surface management, SBOM integration) and represent NYC in SUNY VM working groups.
- Critical thinking to correlate vulnerabilities with active exploits, lateral movement paths, and crown‑jewel asset…