• IT Vulnerability Manager

    Advanced Energy (Denver, CO)


    IT Vulnerability Manager

    ABOUT ADVANCED ENERGY

    Advanced Energy (Nasdaq: AEIS) is a global leader in the design and manufacturing of highly engineered, precision power conversion, measurement and control solutions for mission-critical applications and processes. AE’s power solutions enable customer innovation in complex applications for a wide range of industries including semiconductor equipment, industrial, manufacturing, telecommunications, data center computing and healthcare. Advanced Energy has devoted four decades to perfecting power for its global customers and is headquartered in Denver, Colorado.

     

    WHY BE A PART OF ADVANCED ENERGY?

     

    Some people say it’s like working in the best of two worlds. We operate like an agile, growing, small company – you can see your work make a difference to the company every day. Things move quickly and you can see and feel it. At the same time, we’re a global company founded in 1981 and have been publicly traded for more than 28 years. We have a strong cash position, deep trust and partnership with leading customers, a global best-in-class operations capability, and a proven leadership team. We have a track record and resources to make things happen both organically and inorganically. Being part of a nimble company with a solid foundation attracts team members that are capable, driven and like a challenge. Our employees collaborate and know how to have fun inventing, working, building and winning together. At our core, we are Advanced Energy – powering the future, together.

    POSITION SUMMARY:

    The Vulnerability Manager will be responsible for identifying, tracking, coordinating, and verifying remediation of vulnerabilities in internal and external landscapes. The individual in this role is expected to have a general understanding of many different systems, applications, and business processes across the company. The Vulnerability Manager will understand operating systems (both physical and virtualized), applications, networking and cloud infrastructure concepts, and known exploitable vulnerabilities as well as emerging threats. Working closely with the IT Infrastructure, Network, and Applications teams, the Vulnerability Manager will collaborate identification and remediation of vulnerabilities as well as the overall attack surface. The role is highly technical, and the Vulnerability Manager is expected to have a diverse understanding of cybersecurity principles, enterprise level systems, and business process dependencies. This role will stay up to date with the evolving threat landscape, potential impact, and risk on advanced technologies, as well as legacy systems and applications.

     

    The Vulnerability Manager will take an active lead to inform, advise and collaborate with technology leadership and business units to secure the confidentiality, integrity, and availability of company assets. The manager will regularly report on the state of vulnerabilities and metrics to Information Security and IT Leadership. The ability to collaborate with multiple teams and take a pragmatic approach, while at the same time possessing a sense of urgency when required, is essential. The Vulnerability Manager will support strategic initiatives driven by Information Security and IT Leadership for short- and long-term plans to identify, protect, and reduce the attack surface across company assets. This position will report to the Director of Information Security.

    RESPONSIBILITIES:

    + Monitor for vulnerabilities within applications, technology assets, networks, cloud services, and other elements of the threat landscape.

    + Collaborate with IT and Security Operations to manage internal- and external-facing systems to identify, track and remediate system and application vulnerabilities.

    + Support IT operations in remediating system and application vulnerabilities.

    + Conduct continuous discovery, assessment and remediation status of in-scope vulnerabilities.

    + Prioritize vulnerability remediation based on criticality, exploit probability, rating and assessed risk.

    + Document, prioritize, recommend, validate and report on the state of vulnerabilities.

    + Recommend tactical options to reduce attack surface, containment alternatives and impede attackers.

    + Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to monitored threats.

    + Remain current with emerging threats and share knowledge with colleagues to improve security posture.

    + Define key performance indicators and metrics to illustrate efficacy and program maturity for vulnerability management.

    + Maintain documentation related to vulnerability policies and procedures.

    + Assist with host and application hardening (including benchmark assessments) across company-wide assets.

    + Serve as a point of contact for new and existing vulnerability-related issues.

    + Assist with change management operations to ensure new vulnerabilities are not introduced.

    + Provide vulnerability education and guidance to stakeholders, developers, IT and business leaders as needed.

    + Availability to work nonstandard business hours to respond to and mitigate critical threats.

    + Perform other duties as assigned.

    WORK ENVIRONMENT:

    + Standard office environment

    + Location: Denver, CO

    QUALIFICATIONS** **:

    + Understanding of Windows and *nix operating systems, endpoint applications and networking.

    + Understanding of OWASP, CVSS and MITRE ATT&CK framework and the software development lifecycle.

    + Capacity to comprehend complex technical infrastructure, managed services and third-party dependencies.

    + Strong written and oral communication skills across varying levels of the organization.

    EXPERIENCE:

    + At least five years of experience in security operations, vulnerability management or IT Operations.

    + Experience with vulnerability management across common cloud platforms.

    EDUCATION:

    + Bachelor's degree in cybersecurity, computer science, engineering, or a related field.

    + Preferably one or more certification such as, GEVA, GSOC, CISA, CISSP.

    COMPENSATION:

    _As required by multiple state pay transparency laws, Advanced Energy provides a reasonable range of compensation for each job posting. Actual compensation is influenced by an array of factors including, but not limited to, skill set, level of experience, and specific office location. The range of starting pay for this role is $127k to $190k per year._

    BENEFITS:

    As part of our total rewards philosophy, we believe in offering and maintaining competitive compensation and benefits programs for our employees to attract and retain a talented, highly engaged workforce. Our compensation programs are focused on equitable, fair pay practices including market-based base pay, an annual pay-for-performance incentive plan, and discounted Employee Stock Purchase Plan.

     

    In addition to our competitive compensation practices, we offer a strong benefits package in each of the countries in which we operate. In the U.S., we offer a rich benefits package that includes:

     

    Medical - multiple medical plans are available to choose from

     

    Short and long-term disability and life insurance

     

    Health savings and flexible spending accounts

    Generous time off policy starting with 3 weeks of paid vacation, 7 days of paid sick time, and 12 paid holidays

    8 hours of paid volunteer time off

    8 weeks of paid parental leave for both Moms and Dads

     

    Company matched 401(k)

     

    Tuition reimbursement

     

    Expanded mental health coverage and employee assistance programs

     

    Other voluntary benefits include critical illness, accident and hospital indemnity, pet insurance, identify theft, and legal assistance

     

    Advanced Energy is committed to diversity in its workforce including Equal Employment Opportunity for Minorities, Females, Protected Veterans, and Individuals with Disabilities.

     

    Advanced Energy is also committed to providing reasonable accommodations in our job application process/procedures for qualified individuals with disabilities. If you require assistance in completing an Advanced Energy application, please reach out to [email protected].

    CO ONLY:

    Applications will be accepted through 10/17/2025, the company reserves the right to review applications at any point after they are submitted.