Manager, Global Vulnerability Management

We’re seeking a hands-on leader in Vulnerability Management to join SIE’s Information Security organization — and help us protect the future of PlayStation! You’ll lead a distributed team responsible for identifying, prioritizing, and remediating vulnerabilities across our platforms, applications, websites, and cloud environments, while evolving traditional vulnerability management into a modern threat exposure management practice. Together, we’ll unify security findings across multiple sources and ensure our partners have the visibility and context needed to take timely action on the risks that matter most.

This is a hands-on leadership role: while you will guide people and tasks to help scale leadership capacity, you’ll also stay directly engaged in technical work. From vulnerability assessments and exploit research to collaborating with engineers on remediation strategies, you’ll balance leadership with hands-on contributions. Ideal for an experienced engineer ready to step into management, or for a technical manager who wants to stay hands-on while leading a distributed team!

• Lead, mentor, and develop a high-performing Global Vulnerability Management team, providing both strategic direction and day-to-day support. Build team capabilities while fostering a collaborative, pragmatic, and results-driven culture.
• Own the full vulnerability lifecycle - from discovery to remediation - and ensure processes are scalable and effective across diverse technology stacks.
• Guide the team’s transition from traditional vulnerability management toward a more advanced, exposure-focused approach that prioritizes true business risk and operational impact.
• Personally contribute to technical analysis, conducting vulnerability scans, security reviews, and exploit research. Provide actionable guidance on mitigation strategies and ensure findings are validated before being shared with stakeholders.
• Collaborate with partners across information security disciplines - such as engineering, governance and risk management, product/application security - to unify findings, improve reporting, and ensure accountability for remediation.
• Partner with security operations teams, including incident response and threat intelligence teams, to align vulnerability data with active threats, strengthen detection, and support response efforts.
• Support and collaborate on container security and build pipeline scanning initiatives, applying full-spectrum vulnerability management practices even when tools or processes are owned by other teams.
• Drive the integration of automation and intelligence into vulnerability workflows, enabling smarter prioritization and faster response.
• Leverage data analytics platforms such as Domo and Snowflake to deliver enriched vulnerability insights, ensuring findings and recommendations are clearly presented to stakeholders and leadership.
• Remain current with emerging threats, continuously research evolving exploit techniques, and assess their potential impact on the business. Use this insight to inform prioritization decisions and strengthen remediation guidance.
• Provide clear, contextualized reporting on vulnerability trends, remediation progress, and overall exposure posture to security leadership and business stakeholders, ensuring that risks are communicated in both technical and executive terms.

• Bachelor’s degree in Computer Science, Information Security, or equivalent experience (8–10+ years).
• Previous experience managing or leading a technical team, with responsibility for people and program outcomes.
• Demonstrable experience in vulnerability management, exposure management, or related areas within large-scale enterprise environments.
• Demonstrated ability to lead or mentor teams while also remaining actively engaged in technical execution.
• Strong knowledge of vulnerabilities across operating systems, applications, cloud services, and hybrid infrastructure.
• Hands-on experience with vulnerability scanning platforms and integrations.
• Proficiency in Python and SQL for automation, analysis, and reporting of vulnerability data.
• Superb communication and collaboration skills, with the ability to influence both technical staff and senior leaders.

• Experience evolving a traditional vulnerability management function into a more advanced exposure management capability.
• Familiarity with continuous threat exposure management (CTEM) or equivalent frameworks for scoping, discovery, prioritization, validation, and mobilization.
• Experience with container security, build pipeline scanning, and integration of vulnerability management into CI/CD workflows.
• Practical experience using data analytics platforms (Domo, Snowflake) to present and operationalize security findings.
• Proven success managing global or distributed teams, particularly through organizational or program transformation.
• Strong multi-functional partnership experience across IT, engineering, and security operations functions.