iCapital
FinTech
VulnerabilityManagementSpecialist-AssistantVicePresident
Neural analysis suggests this role is
optimal for Mid candidates.
“Vulnerability Management Specialist - Assistant Vice President at iCapital. Skills: Vulnerability Management, Exposure Management, Application Security, Remediation. Establish Vulnerability Management practices. Run Vulnerability Management practices”
Industry & Context.
Root cause analysis; Troubleshooting
What They're Looking For.
Must Have
Experience in Vulnerability Management, Experience in Exposure Management, Experience in Application Security, Understanding of web security risks, Understanding of API security risks, Experience reviewing penetration testing findings, Experience validating penetration testing findings, Experience working with developers, Experience with scripting, Experience with automation, Experience with development workflows, Experience with systems engineering, Experience with modern CI/CD environments, Verbal communication skills, Written communication skills, Able to influence stakeholders, Able to drive tasks to completion
Nice to Have
Security certifications, GitLab security features experience, GitHub security features experience, Wiz experience, CSPM experience, CrowdStrike experience, Code scanning tools experience, SAST experience, SCA experience, DAST experience, Secure code reviews experience, Threat modelling experience, API security experience, Burp Suite experience, Similar testing tools experience
What You'll Do.
Establish Vulnerability Management practices
Run Vulnerability Management practices
Establish Exposure Management practices
Run Exposure Management practices
Build structured remediation processes
Support application security activities
Drive remediation execution
Manage Vulnerability Management processes
Manage Exposure Management processes
Provide continuous monitoring
Prioritize vulnerabilities
Resolve vulnerabilities
Implement remediation
Drive remediation standards
Build automation capabilities
Ingest vulnerabilities
Track vulnerabilities
Report vulnerabilities
Evolve exposure management capabilities
Improve exposure management capabilities
Build automation capabilities for application security
Incorporate secrets security
Incorporate API security
Review penetration testing findings
Validate penetration testing findings
Ensure effective remediation
Explain vulnerabilities to developers
Agree remediation approaches
Support threat modelling activities
Identify risk in design phase
Improve detection capabilities
Improve alerting capabilities
Develop workflows for vulnerability intake
Develop workflows for triage
Develop workflows for remediation tracking
Develop workflows for reporting
Assist Governance teams
Deliver security improvements
How You'll Work.
Team & Collaboration
Collaborate with engineering teams; Collaborate with developers; Collaborate with Security; Collaborate with Risk teams; Collaborate with Governance teams; Cross-functional teams
Communication Scope
Verbal communication; Written communication
Full Job Description
iCapital is looking for a AVP Engineer to join the Information Security team. This role will help establish and run Vulnerability and Exposure Management practices, build structured remediation processes, support application security activities, and continuously identify and reduce risk across iCapital technology. The ideal candidate is a hands-on individual contributor who can implement and improve processes, work directly with developers and drive remediation execution at scale. Responsibilities Build and manage Vulnerability and Exposure Management processes, providing continuous monitoring, prioritisation, and resolution of vulnerabilities across the environment. Implement and drive remediation of vulnerabilities and security weaknesses. Collaborate with engineering teams to improve workflows, adopt best practices, and drive consistent remediation standards. Build automation capabilities to ingest, track and report vulnerabilities and exposures. Evolve and improve exposure management capabilities, including prioritization based on risk, attack paths, and business impact. Build processes and automation capabilities for application security workflows, including SAST, SCA, secrets and API security in collaboration with developers. Review and validate penetration testing findings and ensure effective remediation. Work directly with developers to explain vulnerabilities, agree remediation approaches, and validate fixes. Support threat modelling activities to identify risk earlier in the design phase. Assist the SOC in improving detection and alerting capabilities based on identified vulnerabilities and exposures. Develop workflows for vulnerability intake, triage, remediation tracking, and reporting across tools. Assist Risk and Governance teams with policies, procedures, standards, and audit evidence. Collaborate with cross-functional teams, including Engineering and Security, to deliver security improvements. Qualifications Experience in Vulnerability Management, E
Applying for this Vulnerability Management Specialist - Assistant Vice President role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Greenhouse
- Create a Greenhouse profile before applying — it saves time across multiple applications.
- Upload your resume as a PDF; the parser handles it better than Word.
- Answer all knockout questions carefully — wrong answers auto-reject before a human sees you.
- Enable email notifications to track application status in real time.
ANONYMOUS · UNFILTERED
What do employees actually say about iCapital?
Real rants from real employees. Read before you apply.