Vulnerability Lead

Why work at Nebius Nebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field. Where we work Headquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with RD hubs across Europe, North America, and Israel. The team of over 1400 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI RD team. The Role: We are seeking a highly experienced Vulnerability Lead to join the Cyber Security organization, reporting directly to the Head of PMO under the CISO. This role combines deep domain expertise in Vulnerability Management with strong project leadership capabilities. The primary focus is to lead and mature the organization’s vulnerability management program, while also driving additional cross-functional security initiatives. The ideal candidate brings hands-on experience in vulnerability lifecycle management, risk-based prioritization, and remediation at scale, along with the ability to operate across security, engineering, infrastructure, and product teams. Responsibilities: Vulnerability Management Leadership Own and lead the organization’s Vulnerability Management program across cloud, infrastructure, SaaS, and application environments. Drive end-to-end vulnerability lifecycle: identification, assessment, prioritization, remediation, and validation. Implement and enforce risk-based prioritization aligned with business impact and threat intelligence. Define, track, and improve KPIs such as SLA adherence, remediation timelines, and exposure trends. Work closely with Security, DevOps, Infrastructure, and Engineering teams to ensure effective remediation at scale. Project PMO Execution Lead and deliver additional cross-functional cyber security projects under the CISO organization. Define project scope, objectives, timelines, and success metrics aligned with security strategy. Manage execution, dependencies, risks, and stakeholder alignment across multiple initiatives. Prepare executive-level reporting and dashboards for the CISO and senior leadership. Strategy Improvement Continuously improve vulnerability management processes, tooling, and governance. Support audits, compliance requirements, and security risk reporting. Act as a subject matter expert for vulnerability risk across the organization. Required Qualifications: 3-5 years of experience in Vulnerability Management, cyber security operations, or related domains. Strong hands-on experience managing vulnerability lifecycle and remediation processes at scale. Proven experience working with vulnerability management tools (e.g., Qualys, Tenable, Rapid7, Wiz, Prisma Cloud). 3+ years of experience in project or program management within technology or security environments. Strong understanding of cloud, infrastructure, and application environments. Experience working cross-functionally with Security, DevOps, Engineering, and IT teams. Experience in risk-based prioritization and security risk management methodologies. Hands-on experience with project management tools such as Jira, Monday, Asana, or similar systems. Excellent communication skills with experience presenting to senior leadership. Preferred Qualifications: Experience working within a CISO organization or Security PMO. Background in SaaS, cloud infrastructure, or large-scale enterprise environments. Familiarity with regulatory frameworks (ISO 27001, SOC 2, NIST, etc.). Experience leading enterprise-wide security or risk reduction initiatives. BSc in Industrial Engineering, Computer Science, or a related field. ... (truncated, view full listing at source)