×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Project Manager

Senior Manager, Vulnerability Management

Job in Dauphin, Brandon, Manitoba, Canada
Listing for: Phreesia, Inc.
Full Time position
Listed on 2026-02-20
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Project Manager
Job Description & How to Apply Below
Location: Dauphin

Senior Manager, Vulnerability Management page is loaded## Senior Manager, Vulnerability Management locations:
Remote Canada time type:
Full time posted on:
Posted 5 Days Agojob requisition :
R4755
*
* Job Description:

**## Phreesia is seeking a Senior Manager, Vulnerability Management to oversee and mature the company’s vulnerability management and penetration testing functions as part of our expanding Information Security  this role, you will be responsible for managing vulnerability scanning infrastructure, assessing and prioritizing security risks, conducting and coordinating penetration testing, and driving remediation efforts across applications, infrastructure, cloud environments, and third-party vendors.

You will work closely with teams across the organization in a highly matrixed environment, balancing complex technical requirements with business priorities to reduce cybersecurity risk.

This role requires deep technical expertise combined with strong people leadership, communication, and relationship-building skills. As a key member of Phreesia’s Information Security leadership team, the Senior Manager, Vulnerability Management will wear multiple hats, including People Leader, Security Product Manager, Senior Architect, Security Practitioner, Risk Assessor, and Engineer.

Phreesia operates across a diverse and modern technology landscape, including web applications, mobile platforms, hardware, cloud and on-prem environments, and payment systems. The role supports both healthcare and payment compliance requirements, making it a dynamic, challenging, and highly impactful position.##
** What You’ll Do
*** Manage, mentor, and grow a team of security engineers focused on securing Phreesia’s applications, infrastructure, and third-party vendors
* Own and operate Phreesia’s vulnerability management program, including scanning infrastructure, triage, prioritization, and remediation tracking
* Create and execute strategies, roadmaps, and plans to identify, monitor, and mitigate top security risks across the organization
* Partner closely with Infrastructure, Operations, Engineering, Security, Product, and Legal teams to drive effective remediation outcomes
* Manage security vendor relationships and collaborate with the Associate Director of Security Architecture and Infrastructure on forecasting and planning
* Lead internal penetration testing efforts and coordinate external third-party penetration testing in partnership with Legal
* Translate industry security control frameworks and internal policy guidance into practical, actionable testing and remediation programs
* Proactively manage ASV scans, disputes, attestations, and remediation activities to ensure successful completion
* Develop strategies to track, measure, and communicate risk by environment, domain, and product
* Perform or coordinate data analysis to clearly present complex security findings to technical and non-technical stakeholders
* Produce and publish monthly qualitative and quantitative key risk indicators (KRIs) and key performance indicators (KPIs)
* Communicate security risks, progress, and insights effectively to stakeholders and executive leadership
* Support incident response and security activities as needed, including occasional work outside standard business hours##
** What You’ll Bring
*** Bachelor’s or Master’s degree in Engineering, Computer Science, or a related technical field
* 10+ years of experience in software development or information security, including 8+ years in hands-on security engineering
* 3+ years of experience leading security teams and owning vulnerability management and penetration testing programs
* Prior experience operating as a PCI-DSS Level 1 service provider (required)
* Deep hands-on experience with vulnerability scanning, penetration testing, and risk analysis
* Strong knowledge of vulnerability management and penetration testing tools (e.g., Tenable, Qualys, Rapid7, Kali, Burp Suite, SAST/DAST, Powershell Empire)
* Advanced understanding of information security principles, frameworks, and technologies
* Working knowledge of major industry frameworks and regulations, including NIST 800-53, HIPAA, HITRUST,…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search