Associate Cybersecurity Posture Management
Job Summary
POSITION SUMMARY
The Associate Cybersecurity Posture Management supports the day-to-day operations and continuous improvement of Revantage's security posture programs, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), vulnerability management, identity and access governance, third-party cyber risk, and security awareness. The role works closely with infrastructure, engineering, and business teams across NA, EU, and APAC to identify risks, drive remediation, and maintain compliance with security policies and standards.
CORE RESPONSIBILITIES
1. Cloud Security Posture Management (CSPM)
- Administer and operate the CSPM toolset (Wiz) to continuously monitor cloud environments for misconfigurations and compliance gaps.
- Prioritize and assign vulnerability findings by category and severity to the infrastructure team; track remediation to closure.
- Discover and integrate additional tools with the CSPM platform to enhance coverage and automated remediation.
- Maintain policies, procedures, and governance documentation for CSPM operations.
2. SaaS Security Posture Management (SSPM)
- Administer and operate the SSPM toolset (Adaptive Shield) to assess and improve SaaS application security posture.
- Configure reports, rules, and notification workflows for critical vulnerabilities; prioritize findings and assign to infrastructure teams.
- Identify and remediate dormant users and misconfigured SaaS permissions.
- Produce and distribute regular security posture reports to stakeholders.
3. Vulnerability Management
- Administer the vulnerability management program: scan scheduling, findings review, and remediation assignment to infrastructure teams.
- Categorize and prioritize vulnerabilities by risk and business impact; track progress against SLAs.
- Maintain vulnerability management policies, procedures, and metrics reporting.
4. Identity & Access Governance
- Maintain policies and procedures for identity and access governance; ensure access controls are in place and regularly reviewed.
- Administer the access recertification process: maintain reviewer assignments and execute timely campaigns.
- Run IAM reports to identify and clean up unused accounts, stale groups, and over-privileged access.
- Represent Information Security in annual external audits and provide required evidence.
5. Third-Party Cyber Risk Management
- Operate the Third-Party Cyber Risk Management program: conduct vendor risk assessments, implement mitigation strategies, and monitor compliance.
- Collaborate with procurement and legal teams to ensure security requirements are embedded in contracts and third-party agreements.
- Perform annual reviews of provider SOC reports and document findings for audit purposes.
- Work with Revantage and portfolio company IT teams to coordinate third-party remediation efforts.
6. Security Awareness Training
- Administer and maintain the KnowBe4 security awareness training platform.
- Develop and deliver engaging awareness programs reflecting current threats and organizational risk priorities.
- Track and report training completion rates and campaign effectiveness to leadership.
- Continuously update training content to reflect the latest threat landscape and regulatory guidance.
7. DLP, Insider Threat & Security Monitoring
- Monitor DLP and Insider Threat Management systems; investigate and respond to alerts in accordance with policy.
- Monitor systems for anomalous behavior and implement preventive controls in collaboration with engineering teams.
- Participate in the change control process for security-related changes.
8. Operational & Administrative
- Respond to ServiceNow security tickets, troubleshoot issues, and drive resolution within SLA.
- Develop and maintain scripts (PowerShell, Python) for security, administrative, and automation purposes.
- Maintain secure, resilient, enterprise-grade cloud processes in collaboration with architects and system engineers.
- Stay current on evolving threats, regulatory requirements, and security industry best practices; apply learnings across program areas.
- Participate in on-call duties during assigned periods.
REQUIRED QUALIFICATIONS
- Bachelor's degree in Computer Science, Information Assurance, MIS, or related field, or equivalent industry experience.
- Minimum 2 years of experience in security and systems administration with Azure cloud infrastructure (SaaS, IaaS, PaaS).
- Solid experience administering Windows operating systems and the Microsoft Azure cloud ecosystem, including PowerShell.
- Working knowledge of Microsoft 365 productivity tools and Power BI for reporting and metrics dashboards.
- Excellent verbal and written communication skills; ability to translate technical findings for non-technical stakeholders.
PREFERRED QUALIFICATIONS
- Hands-on experience with Wiz (CSPM), Adaptive Shield (SSPM), Veza (identity governance), or similar toolsets.
- Experience with Microsoft Defender suite and Microsoft Sentinel.
- Familiarity with Linux administration and Python scripting.
- Experience across additional cloud ecosystems (AWS, GCP).
EDUCATION & CERTIFICATIONS
- Bachelor's degree in Computer Science, Information Security, or equivalent practical experience.
- Relevant certifications preferred: CCSP, CISSP, Azure Security Engineer Associate, or equivalent.
SUCCESS MEASURES
- Timely identification and remediation of CSPM and SSPM findings with clear metrics reporting.
- High third-party risk assessment completion rates and audit-ready documentation.
- Security awareness training completion rates meeting or exceeding organizational targets.
- Clean IAM hygiene: reduced stale accounts, timely recertification cycles, and access compliance.
- ServiceNow ticket SLA compliance and high-quality resolution documentation.
EEO Statement
The Company is an equal opportunity employer. In accordance with applicable law, we prohibit discrimination against any applicant, employee, or other covered person based on any legally recognized basis, including but not limited to: veteran status, uniformed servicemember status, race, color, caste, immigration status, religion, religious creed (including religious dress and grooming practices), sex, gender, gender expression, gender identity, marital status, sexual orientation, pregnancy (including childbirth, lactation, or related medical conditions), age, national origin or ancestry, citizenship, physical or mental disability, genetic information (including testing and characteristics), protected leave status, domestic violence victim status, or any other consideration protected by federal, state, or local law. We are committed to providing reasonable accommodations. If you need an accommodation to complete the application process, please email
Required Experience:
IC