Vulnerability Manager

Tech Talent International (SI) supplies technical talent to a variety of clients ranging from Fortune 100/500/1000 companies to small and mid-sized organizations in Canada/US and Europe.

We currently have acontract role as a Vulnerability Manager with our large consulting client on a long term project with a major financial services client in the downtown Montreal area.

Role: Vulnerability Manager

Type: Contract

Duration: 12 months to start potential extension

Location: Downtown Montreal QC - Hybrid (roles starts off 5 days in office for 1st 3 months then turns into hybrid setup 3 days onsite 2 days from home)

Rate: C2C - $70 - $75/hr depending on overall experience and expectations

Position Overview

The Vulnerability Manager will lead the IT Infrastructure Cybersecurity Operations team overseeing the enterprise-wide vulnerability remediation program for CA-CIBs infrastructure environment. This role bridges the Information Security team and IT Infrastructure platform teams ensuring timely remediation of vulnerabilities across servers networks databases and virtualization infrastructure while maintaining executive visibility through regular reporting.

Key Responsibilities

Infrastructure Vulnerability Remediation Management

• Lead remediation efforts for vulnerabilities across IT Infrastructure domains.
• Track vulnerabilities from Tenable penetration testing security assessments and threat intelligence feeds
• Monitor remediation progress against established SLA deadlines
• Engage proactively with Infrastructure Network Database and Virtualization teams to ensure timely closure
• Maintain comprehensive dashboards and metrics on vulnerability remediation status

Stakeholder Management & Reporting

• Present monthly vulnerability management reports to IT Infrastructure Management Steering Committee and CISO office
• Provide executive insights on remediation trends infrastructure risk exposure and program effectiveness
• Escalate critical infrastructure vulnerabilities to CTO Infrastructure Directors and Risk Management

Technical Guidance & Infrastructure Support

• Provide expert guidance on remediation strategies patching approaches and configuration hardening
• Troubleshoot complex remediation scenarios involving legacy systems business-critical infrastructure or technical dependencies
• Recommend best practices for infrastructure vulnerability mitigation aligned with banking industry standards
• Advise on patch management strategies balancing security requirements with infrastructure stability

Risk Acceptance & Control Validation

• Review and validate risk acceptance requests when immediate remediation is not feasible due to business criticality legacy constraints vendor limitations or complex dependencies
• Assess adequacy of proposed compensating controls (network segmentation access controls monitoring)
• Guide teams in developing robust compensating controls that effectively reduce risk exposure
• Ensure risk acceptance documentation meets CA-CIB governance regulatory and compliance requirements.

Program Leadership & Governance

• Drive continuous improvement of the infrastructure vulnerability management program
• Develop and maintain vulnerability management policies procedures and workflows aligned with CA-CIB IT governance
• Foster collaboration between Information Security and IT Infrastructure teams
• Support regulatory examinations and audits related to infrastructure security

Required Qualifications

• Bachelors degree in Computer Science Information Technology Information Security or related field
• 7 years of experience in IT infrastructure security cybersecurity operations or vulnerability management within banking or financial services
• 3 years in a leadership or management role
• Strong understanding of vulnerability assessment tools (Tenable/Nessus) and infrastructure scanning methodologies
• Experience with risk management frameworks and control validation in regulated environments
• Proven ability to communicate technical infrastructure security concepts to executive audiences
• Understanding of banking regulatory requirements and IT risk management

Preferred Qualifications

• Relevant certifications: CISSP CISM or similar
• Experience with vulnerability management platforms and ITSM systems (ServiceNow)
• Background in both information security and IT infrastructure operations
• Experience working in large complex banking IT environments
• English (mandatory) French language skills (preferred)

Key Competencies

• Strong analytical and problem-solving skills with infrastructure focus
• Excellent communication and presentation abilities in English
• Proactive and results-oriented mindset with ability to work under regulatory pressure
• Ability to influence infrastructure teams without direct authority
• Strategic thinking with attention to operational detail and business impact
• Stakeholder management and negotiation skills across technical and business functions
• Ability to balance security requirements with business continuity and operational resilience

Working Environment

• Location: downtown Montreal Quebec
• Working from home on a voluntary basis for up to 2 days per week after 3 months of joining
• Collaboration with global IT Infrastructure and Security teams
• Exposure to senior IT and Risk leadership

Other:

Calendar: this role follows statutory holidays of USA

Term: 12 months extensions

Target Start Date: ASAP