RingCentral is a leader in the UCaaS segment providing cloud-based communications of any kind: cloud PBX, cloud call center, cloud video & events, messaging, analytics and flexible billing services. Currently we are looking for a Global Vulnerability Program Manager to fit in our Security Operations division and improve our security grip and security posture in all provided services to the customer.
As a Vulnerability Manager, you will lead the end-to-end lifecycle of vulnerability identification, analysis, and remediation across our global infrastructure (US, EMEA & APAC regions) and will also manage vulnerability engineers to achieve this goal. You will also proceed with internal and external projects related to this field either by yourself or with your team.
You aren't just looking for "bugs"; you are building the processes and data pipelines that allow our engineering and SRE teams to fix the right things at the right time. You will bridge the gap between technical scanning tools (Qualys, Twistlock, Nuclei) and executive-level reporting.
Key responsibilities
Process Engineering: Design and implement a scalable vulnerability management
Tool Orchestration: Oversee and optimize our scanning ecosystem, including Qualys, Twistlock/Prisma Cloud, and Nuclei.Data Analysis & Reporting: Leverage BigQuery, Splunk, and Looker to transform raw scan data into actionable risk dashboards. You will be responsible for defining the KPIs that track our remediation velocity and risk posture.
Data Analysis & Reporting: Leverage BigQuery, Splunk, and Looker to transform raw scan data into actionable risk dashboards. You will be responsible for defining the KPIs that track our remediation velocity and risk posture.
Stakeholder & Team Management: Manage your team to get valid data, lead cadence calls with technical teams and deliver high-impact presentations to Director+ leadership, translating complex security risks into business impact.
Global Coordination: Manage the vulnerability lifecycle across the US, EMEA and APAC regions, ensuring compliance with local regulations and time-zone-aligned remediation workflows.
Documentation: Maintain a comprehensive "Single Source of Truth" in Confluence for all VM policies, scan schedules, and remediation playbooks.
Workflow Automation: Manage the integration between security scanners and Jira to ensure tickets are routed, prioritized, and tracked through to resolution.
Required skills and qualifications
Experience: 3+ years in Cybersecurity, with at least 1 year in a leadership or program management role focused on Vulnerability Management (would be a plus).
Technical & Management Experience:
Basic understanding of management role and function & solid understanding of process development, implementation & improvement (certifications like ITIL is a plus)
Basic understanding of project management function (certifications like PMP, PRINCE2 is a plus)
Familiarity with automation-focused tools like Nuclei, Qualys and Twistlock.
Ability to query and visualize data using SQL (BigQuery), Splunk, or Looker.
Hands-on experience with Qualys and Twistlock (would be a plus)
Soft skills and other:
B2/B1 English proficiency is mandatory; you must be comfortable leading meetings and writing reports in English.
Ability to tell stories with your data in any format - presentations, dashboards, sheets
Solid communication skills with the ability to influence senior stakeholders and express your thoughts and ideas clearly and comprehensively.
Proven track record of building security processes from the ground up and managing cross-functional teams.
Bachelor’s degree in Computer Science, CyberSecurity, or equivalent.
What We Offer:
Well-coordinated professional team
Cutting edge technologies, interesting and challenging tasks, dynamic project, great opportunities for self-realization, professional and career growth
Additional Health and Life Insurance Package
Employee Assistance Program
25 vacation days
This role requires on-site presence at our office 4 days a week to support effective collaboration and teamwork.
