Security Vulnerability Management Architect - 100% Remote

Client - This role is with a major U.S.-based telecom leader known for its large-scale network infrastructure and enterprise solutionsJob Title - Security Vulnerability Management Architect - 100% RemoteType - Contract to hireLocation - Remote Position SummaryWe are seeking a highly skilled and hands-on Security Vulnerability Management Architect to lead the design, implementation, and continuous improvement of the enterprise vulnerability management program. This role combines strategic architecture responsibilities with operational execution, requiring deep technical expertise in vulnerability assessment, remediation orchestration, threat prioritization, and security tooling.The ideal candidate will be capable of defining enterprise-wide vulnerability management strategy while also actively performing technical assessments, integrating security tools, automating workflows, and collaborating closely with infrastructure, cloud, DevOps, and application teams.Key ResponsibilitiesVulnerability Management Strategy & ArchitectureDesign and maintain the enterprise vulnerability management framework, standards, processes, and governance model.Develop vulnerability prioritization methodologies using CVSS, threat intelligence, exploitability, business criticality, and exposure context.Architect scalable vulnerability management solutions across:On-prem infrastructureCloud environments (AWS, Azure, GCP)Containers and KubernetesEndpoints and serversApplications and APIsNetwork devicesDefine SLAs, KPIs, and reporting metrics for remediation tracking and compliance.Establish integration architecture between vulnerability scanners, CMDB, SIEM, ticketing systems, and asset inventory platforms.Hands-On Technical ResponsibilitiesPerform vulnerability assessments, scans, validation, and remediation verification.Configure, administer, and optimize tools such as:Tenable / NessusQualysRapid7 InsightVMPrisma CloudWizMicrosoft DefenderCrowdStrikeBurp SuiteSnykConduct authenticated and unauthenticated scanning.Analyze scan results and eliminate false positives.Validate vulnerabilities manually using scripts, command-line tools, and proof-of-concept testing.Develop automation scripts using Python, PowerShell, Bash, or APIs.Build dashboards and reporting for executives and technical stakeholders.Support patch validation and remediation testing activities.Cloud & DevSecOps ResponsibilitiesIntegrate vulnerability management into CI/CD pipelines and DevSecOps processes.Implement container and image scanning solutions.Partner with engineering teams to shift vulnerability detection left.Evaluate Infrastructure-as-Code (IaC) security risks.Automate security checks within deployment workflows.Threat & Risk ManagementCorrelate vulnerabilities with threat intelligence and active exploitation trends.Conduct risk-based vulnerability prioritization.Support incident response teams during vulnerability-related security incidents.Track emerging vulnerabilities, zero-days, and remediation guidance.Collaboration & LeadershipWork closely with infrastructure, application, cloud, and SOC teams.Provide remediation guidance and security best practices.Lead vulnerability review meetings and risk discussions.Mentor junior security engineers and analysts.Influence enterprise security architecture decisions.Required QualificationsBachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.8+ years of cybersecurity experience.5+ years specifically in vulnerability management or security engineering.Strong understanding of:Operating systems (Windows/Linux)Networking and protocolsCloud securityWeb application securityPatch management processesSecurity architecture principlesExperience with enterprise vulnerability management platforms.Strong scripting/automation skills.Experience with SIEM and ticketing integrations.Knowledge of MITRE ATT&CK, CVSS, CWE, and CVE frameworks.Preferred QualificationsExperience in large enterprise or regulated environments.Familiarity with compliance frameworks:PCI-DSSISO 27001NISTCIS ControlsSOXHIPAAExperience with exposure management and attack surface management platforms.Knowledge of penetration testing methodologies.Preferred CertificationsCISSPGIAC (GPEN, GSEC, GMON, or similar)CEHOSCPAWS/Azure Security CertificationsSecurity+Certified Vulnerability Assessor certifications