Vulnerability Manager

Position Description:

Vulnerability Manager

Position Overview

The Vulnerability Manager will lead the IT Infrastructure Cybersecurity Operations team overseeing the enterprise-wide vulnerability remediation program for the infrastructure environment. This role bridges the Information Security team and IT Infrastructure platform teams ensuring timely remediation of vulnerabilities across servers networks databases and virtualization environments while maintaining executive visibility through regular reporting.

Key Responsibilities

Infrastructure Vulnerability Remediation Management

Lead remediation efforts across all IT infrastructure domains
Track vulnerabilities identified through Tenable penetration testing security assessments and threat intelligence feeds
Monitor remediation progress against established SLA deadlines
Proactively engage Infrastructure Network Database and Virtualization teams to ensure timely resolution
Maintain dashboards and metrics on remediation status

Stakeholder Management & Reporting

Present monthly vulnerability management reports to the IT Infrastructure Management Steering Committee and CISO office
Provide executive insights on remediation trends risk exposure and program effectiveness
Escalate critical vulnerabilities to senior leadership including CTO Infrastructure Directors and Risk Management

Technical Guidance & Infrastructure Support

Provide expert guidance on remediation strategies patching and configuration hardening
Troubleshoot complex remediation scenarios involving legacy systems critical infrastructure or dependencies
Recommend best practices aligned with industry standards
Advise on patch management strategies that balance security with system stability

Risk Acceptance & Control Validation

Review and validate risk acceptance requests when remediation is not immediately feasible
Assess compensating controls (e.g. segmentation access controls monitoring)
Guide teams in developing effective risk mitigation strategies
Ensure documentation meets governance regulatory and compliance requirements

Program Leadership & Governance

Drive continuous improvement of the vulnerability management program
Develop and maintain policies procedures and workflows aligned with IT governance
Foster collaboration between Information Security and Infrastructure teams
Support regulatory audits and examinations

Your future duties and responsibilities:

Required Qualifications
Bachelors degree in Computer Science Information Technology Information Security or related field
7 years of experience in IT infrastructure security cybersecurity operations or vulnerability management (preferably in financial services)
3 years in a leadership role
Strong knowledge of vulnerability assessment tools (e.g. Tenable/Nessus)
Experience with risk management frameworks in regulated environments
Ability to communicate technical concepts to executive audiences
Understanding of regulatory and IT risk requirements
Preferred Qualifications
Certifications such as CISSP CISM or similar
Experience with vulnerability management platforms and ITSM tools (e.g. ServiceNow)
Background in both security and infrastructure operations
Experience in large complex IT environments
English required; French is an asset

Required qualifications to be successful in this role:

Key Competencies
Strong analytical and problem-solving skills
Excellent communication and presentation abilities
Results-driven with the ability to work under regulatory pressure
Ability to influence cross-functional teams without direct authority
Strategic mindset with attention to operational detail
Strong stakeholder management and negotiation skills
Ability to balance security needs with business continuity
Working Environment
Location: Montreal Quebec
Hybrid model: up to 2 days remote per week after 3 months
Collaboration with global Infrastructure and Security teams
Exposure to senior IT and Risk leadership

CGI provides a reasonable estimate of the salary range for this position. This range is determined based on various factors including skill level geographic market experience education as well as professional licenses and certifications. Compensation decisions are made on a case-by-case basis a reasonable estimate for the salary range of this position is between $60000 and $115000. This position is currently open.

#LI-AM1

Bilingualism (French and English) is required for this position due to the nature of the role requiring interaction with national and global clients.

Skills:

• English
• French
• IT Security
• Vulnerability Management(IAVM)

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI we value the strength that diversity brings and are committed to fostering a workplace where everyone belongs. We collaborate with our clients to build more inclusive communities and empower all CGI partners to thrive. As an equal-opportunity employer being able to perform your best during the recruitment process is important to us. If you require an accommodation please inform your recruiter.

To learn more about accessibility at CGI contact us via email. Please note that this email is strictly for accessibility requests and cannot be used for application status inquiries.

Come join our teamone of the largest IT and business consulting services firms in the world.