Vulnerability Management Team Lead jobs in United States

SailPoint · 4 hours ago

Vulnerability Management Team Lead

SailPoint’s Cybersecurity organization is seeking a Cybersecurity Vulnerability Management Team Lead with a passion for cybersecurity. This role ensures the continuous discovery, accurate assessment, risk-based prioritization, and successful remediation of vulnerabilities and misconfigurations across all IT assets, directly reducing the organization's exposure and maintaining regulatory compliance.

Enterprise Software · Identity Management · Risk Management · Software
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Developing and leading the enterprise-wide product security and resilience strategy, aligning with business goals and regulatory requirements
Partnering with Dev/Ops, engineering, product management, and infrastructure teams to integrate vulnerability management practices into production environments
Identifying risk in a production environment comprised of a sophisticated SaaS architecture consisting of dozens of microservices
Explaining risks, identifying dependencies, and facilitating the remediation process by providing necessary details and context
Developing and enforcing a prioritization framework that utilizes risk context beyond standard CVSS scores, factoring in asset criticality, exposure to the public internet, and internal threat intelligence (e.g., active exploitation in the wild)
Establishing and overseeing secure architecture patterns, threat modeling practices, and resilience engineering frameworks
Driving adoption of security automation, vulnerability management, and secure coding standards across product teams
Monitoring for emerging threats, technologies, and compliance trends to proactively evolve the security posture
Collaborating with SailPoint’s risk team to establish the risk acceptance criteria and service level objectives (SLOs) with business leaders and asset owners, ensuring remediation efforts are directly aligned with organizational risk appetite
Collaborating with SailPoint’s legal, compliance, and risk teams to ensure alignment with global standards and certifications
Generating operational Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs), such as Mean Time to Remediate (MTTR), Remediation Compliance Rate, and overall vulnerability density for different business units
Providing program performance reporting and metrics per business unit and product

Qualification

Leadership in cybersecurity · Cloud security expertise · Scripting languages · Regulatory frameworks · Application security tools · Risk-based decision making · Change management · Technical leadership · Influence & collaboration · Executive communication · Process improvement · Strategic vision & execution · AI software security · Secure software development · Certifications CISSP · Certifications CISM · Certifications etc.

Required

5-7 years in leadership roles, preferably in product or application security
Strong engineering experience with cloud, containers, open-source code, deployment and misconfigurations
Advanced experience with scripting languages (e.g., Python, PowerShell) for automating data ingestion, reporting, or integrating VM data into other security tools (SIEM/SOAR)
Experience with secure software development practices and tools
Experience and knowledge of artificial intelligence software security, including OWASP AI Security and Privacy Guide, NIST AI Risk Management Framework, Cybersecurity AI (CAI), OpenSSF AI/ML Security Framework
Experience with regulatory frameworks (e.g., NIST, ISO 27001, SOC, GDPR)
Experience building relationships with software engineering teams, including managing mature product security including final security reviews, and risk-driven product scoring/metrics
Strategic Vision & Execution – Ability to define and communicate a clear vision for product security and resilience aligned with enterprise goals
Process Improvement – Drive continuous improvement in the efficiency of vulnerability remediation through automation, ticketing system integration (e.g., Jira), and process streamlining
Influence & Collaboration – Demonstrable experience building strong partnerships across an organization to drive secure-by-design culture
Application Security – Familiarity with application security testing tools (SAST/DAST) and integrating vulnerability findings into development workflows
Technical Leadership – Deep understanding of product security issues (like XXE, SSRF, Injections, etc.), modern software development (fully automated CI/CD, REST, OAuth2) including multi-cloud (AWS, Azure, GCP, Containers, Kubernetes) architectures, particularly Amazon Web Services, Kubernetes, and software bill of materials (SBOM)
Change Management – Experience leading organizational change initiatives to embed security and resilience into product development lifecycles
Risk-Based Decision Making – Experience making informed decisions through balancing business priorities, technical constraints, and risk exposure
Executive Communication – Experience communicating complex technical concepts and ongoing program updates clearly to non-technical stakeholders and executive leadership
Certifications like CISSP, CISM, CISA, AWS, or CCNSE are beneficial
If the candidate does not have the AWS Certified Cloud Practitioner or AWS Certified Cloud Security – Specialty, they must take these certifications within the first year of employment

Benefits

Health and wellness coverage: Medical, dental, and vision insurance
Disability coverage: Short-term and long-term disability
Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
Additional life coverage options: Supplemental life insurance for employees, spouses, and children
Flexible spending accounts for health care and dependent care; limited purpose flexible spending account
Financial security: 401(k) Savings and Investment Plan with company matching
Time off benefits: Flexible vacation policy
Holidays: 8 paid holidays annually
Sick leave
Parental support: Paid parental leave
Employee Assistance Program (EAP) and Care Counselors
Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
Health Savings Account (HSA) with employer contribution

Company

SailPoint

SailPoint is an identity and access management provider helping organizations deliver and manage user access from any device.

H1B Sponsorship

SailPoint has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (40)
2024 (35)
2023 (29)
2022 (51)
2021 (20)
2020 (22)

Funding

Current Stage: Public Company
Total Funding: $26.08M
Key Investors: Thoma Bravo
2022-04-11: Acquired
2017-11-16: IPO
2014-12-25: Series Unknown · $0.25M

Leadership Team

Mark McClain
CEO & Founder
Brian Carolan
Chief Financial Officer (CFO)
Company data provided by crunchbase