Security Solutions Principal - Threat and Vulnerability Management (TVM) at World Wide Technology Healthcare Solutions

Jenks, Oklahoma, United States -

Full Time

Start Date

Immediate

Expiry Date

26 Jun, 26

Salary

200000.0

Posted On

28 Mar, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Threat And Vulnerability Management, Cybersecurity Consulting, Vulnerability Remediation, Attacker TTPs, Threat-Informed Defense, Vulnerability Scanning, Prioritization Workflows, CTEM, Exposure Management, Executive Communication, Program Design, Operational Effectiveness, Cross-functional Collaboration, Leadership, Risk-Based Decision Making, Attack Path Analysis

Industry

IT Services and IT Consulting

Description

Qualifications Required Qualifications * 10+ years in cybersecurity with focus on threat and vulnerability management * 7-10+ years in cybersecurity consulting/advisory * Proven experience operationalizing enterprise-scale vulnerability and remediation programs * Experience coordinating remediation across infrastructure, network, cloud, and application teams * Strong understanding of attacker TTPs and threat-informed defense * Experience with vulnerability scanning, prioritization, and remediation workflows * Familiarity with CTEM and exposure management practices * Experience presenting to executive and board-level stakeholders * Consulting or advisory experience with demonstrated delivery impact Preferred Qualifications * Experience in financial services, healthcare, or regulated industries * Knowledge of cloud and container security exposure management * Familiarity with attack surface management * Certifications such as CISSP, CISM, GIAC * Experience with major VM platforms (Tenable, Qualys, Rapid7, Microsoft, etc.) * Experience designing automation/orchestration for remediation workflows * Experience building executive dashboards and reporting frameworks Key Competencies * Strategic thinking with execution discipline * Threat-centric and risk-based decision making * Executive communication and storytelling * Program and operating model design * Driving operational effectiveness and efficiency * Cross-functional collaboration * Mentorship and leadership Impact of the Role Success in this role enables organizations to: * Reduce real-world exploitable exposure * Mature enterprise patching and remediation capabilities * Shift from reactive patching to threat-informed prioritization * Improve remediation effectiveness and operational efficiency * Strengthen resilience against real-world threat actors * Demonstrate measurable, defensible security outcomes to leadership and regulators * Operationalize CTEM in a sustainable, enterprise-ready manner Want to learn more about Consulting & Security Services? Check us out on our platform: https://www.wwt.com/consulting-services [https://www.wwt.com/consulting-services] https://www.wwt.com/category/security-transformation [https://www.wwt.com/category/security-transformation] Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $180,000 to $200,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay. The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees: * Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program * Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement * Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement * Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All! If you have any questions or concerns about this posting, please email taposting@wwt.com. #LI-TB1 Qualifications Why WWT? At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients. Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities. With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation and creating a great place to work for all. Want to work with highly motivated individuals on high-performance teams? Join WWT today! What is the Solutions Consulting & Engineering (SC&E) Team and why join? Solutions Consulting & Engineering is an organization that is Customer Focused and Solutions Led. We deliver end-to-end and emerging solutions to drive customer satisfaction, increase profitability and growth. Our success is enabled by our world-class management consulting, delivery excellence and engineering brilliance. Our goal is to bring together business acumen with full-stack technical know-how to develop innovative solutions for our clients' most complex challenges. Position Overview: The Principal Consultant is a senior advisory and delivery role responsible for helping large enterprises design, mature, operationalize, and continuously optimize their security investments. This role blends deep technical expertise with strategic consulting and hands-on execution to drive measurable risk reduction outcomes. This role includes leadership in enterprise-scale threat and vulnerability management, remediation and patching strategy, processes, controls and supporting tools/technologies spanning infrastructure, networking, cloud, compute, and application layers, ensuring coordinated and risk-prioritized remediation across hybrid environments. This consultant must bring proven experience analyzing, designing, enabling and operationalizing threat and exposure management programs in complex, large-scale enterprise environments, providing solutions that are well-designed, client-fit, scalable, and sustainable. The role emphasizes threat-centric, scenario-based analysis that drives prioritized and actionable remediation, improving both the effectiveness and efficiency of client security operations. The Principal Consultant serves as a trusted advisor to client security leadership, guiding risk-based vulnerability management, exposure validation, and threat-informed defense strategies aligned to business risk, cybersecurity trends, regulatory requirements, and operational realities. The role also requires strong capabilities at executive level (i.e., CISO, CTO, CIO, COO, etc.) reporting and stakeholder communications, enabling leadership to make informed risk and investment decisions. Key Domain Responsibilities Threat & Vulnerability Management Strategy & Advisory * Advise and oversee client projects on Threat & Vulnerability Management strategy, operating models, and multi-year maturity roadmaps * Translate business and data risks into threat and vulnerability management priorities * Align programs to frameworks (e.g., NIST, ISO, MITRE ATT&CK-informed approaches) * Define governance models, roles, and RACI structures for exposure management that fit the client’s culture * Drive operationalization of CTEM strategies into repeatable, scalable enterprise processes * Establish enterprise-wide remediation governance models across infrastructure, network, cloud, and application domains Threat & Vulnerability Management * Lead development and enablement of risk-based vulnerability management programs for clients at enterprise scale * Design prioritization models incorporating threat intelligence, exploitability, and asset criticality * Guide remediation and patch management strategies across: * Infrastructure and operating systems * Network devices and appliances * Cloud platforms and services * Compute workloads (VMs, containers, serverless) * Enterprise and custom applications * Advise on vulnerability SLAs, KPIs, and reporting structures tied to measurable outcomes * Improve remediation effectiveness and efficiency across distributed IT and cloud environments through process & control improvements and use of tools/technologies * Design exception management and risk acceptance frameworks with governance and rigor that are within a client’s risk appetite and risk tolerance and that can withstand regulatory scrutiny Threat-Centric Scenario-Based Analysis * Conduct threat-centric and scenario-based exposure analysis to simulate realistic attack paths * Use adversary-focused scenarios to identify control gaps and drive targeted remediation * Translate threat scenarios into prioritized, actionable remediation plans * Help clients focus on exposures that materially reduce real-world risk Exposure Validation & Threat-Informed Defense * Support implementation of exposure validation practices (e.g., attack path analysis, adversary emulation concepts) * Integrate threat intelligence into prioritization and decision-making * Help clients evolve from scan-centric to exposure-centric and threat-informed models * Validate whether remediation actions meaningfully reduce attacker opportunities Key Consulting & Advisory Responsibilities Consulting & Advisory * Proven consulting/advisory record of supporting clients in different industries in the TVM domain * Ability to lead conversations with multiple client stakeholders to define and scope opportunities acting as a security solutions architect * Polished skills for leading and developing service offerings, TVM thought leadership, proposals, and statement of work products * Ability to develop, maintain and enhance TVM pipeline, forecasts/actuals, utilization and profitability * Lead workshops, briefings, and roadmap sessions * Mentor and train consultants and contribute to capability development * Demonstrate credibility through both strategic insight and real-world execution experience Executive Reporting & Stakeholder Engagement * Design and deliver executive-level reporting frameworks that communicate: * Risk posture and exposure trends * Remediation progress and SLA performance * Business impact and risk reduction metrics * Threat-driven prioritization rationale * Develop and deliver dashboards and narratives for CISO, CIO, and board-level audiences * Translate technical findings into business-relevant risk insights, understanding a client’s risk appetite and risk tolerance * Enable data-driven security investment decisions Program Design & Optimization * Assess current-state maturity and define target-state operating models * Develop processes for continuous discovery, prioritization, validation, and mobilization * Recommend tooling strategies and integration patterns across VM, EDR, CNAPP, ASM, and SIEM ecosystems * Optimize workflows between security, IT, DevOps, and cloud teams * Identify automation opportunities to improve scale and consistency

Responsibilities

This senior advisory and delivery role focuses on helping large enterprises design, mature, and optimize their security investments, specifically leading enterprise-scale threat and vulnerability management, remediation, and patching strategies across hybrid environments. The consultant must drive measurable risk reduction outcomes by blending deep technical expertise with strategic consulting and hands-on execution.