Vulnerability & Patch Management (Associate) Manager
Company Description
Sia is a next-generation, global management consulting group. Founded in 1999, we were born digital. Today our strategy and management capabilities are augmented by data science, enhanced by creativity and driven by responsibility. We’re optimists for change and we help clients initiate, navigate and benefit from transformation. We believe optimism is a force multiplier, helping clients to mitigate downside and maximize opportunity. With expertise across a broad range of sectors and services, our 3,000 consultants serve clients worldwide from 48 locations in 19 countries. Our expertise delivers results. Our optimism transforms outcomes.
Job Description
Vulnerability & Patch Management (Associate) Manager
About the Role We are seeking an experienced Vulnerability & Patch Management (Associate) Manager, with experience in owning the end-to-end vulnerability lifecycle: from discovery and prioritization to remediation and verification on cloud environments (primary GCP then AWS).
Key Responsibilities
Operate and optimize the Vulnerability & Patch platform for vulnerability scanning, asset discovery, and exposure management across the enterprise.
Lead risk-based prioritization of vulnerabilities using Tenable One's analytics and exposure scoring.
Design, coordinate, and oversee patch management processes, balancing security needs with the availability requirements of a high-uptime trading environment.
Track remediation SLAs, report on risk exposure, and drive timely closure with system and application owners.
Collaborate with infrastructure, DevOps, and cloud teams to embed security into deployment and maintenance workflows.
Maintain awareness of emerging threats, CVEs, and exploit trends, translating them into actionable remediation plans.
Support audits and contribute to continuous improvement of security policies and standards.
Qualifications
Required Qualifications
- 6–10 years of experience in cybersecurity, with a strong focus on vulnerability and patch management.
- Hands-on expertise with the Tenable One platform (or strong Tenable.io / Tenable.sc / Nessus experience with willingness to transition).
- Solid understanding of operating systems (Windows/Linux), networking, and common attack vectors.
- Strong analytical, prioritization, and stakeholder-communication skills.
- English & French communication and presentation skills.
Nice to Have
- ISO 27001 knowledge or certification (e.g., Lead Implementer / Lead Auditor).
- Google Cloud Platform certifications (e.g., Professional Cloud Security Engineer) are highly valued.
- Experience in critical infrastructure, energy, or other highly regulated/high-availability sectors.
Additional Information
We are unable to provide a work permit for this position
Sia is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.
Sia is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.