Vulnerability & Patch Management (Associate) Manager

Join Sia as a Vulnerability & Patch Management (Associate) Manager.

Sia is a next-generation, global management consulting group. Founded in 1999, we were born digital. Today our strategy and management capabilities are augmented by data science, enhanced by creativity and driven by responsibility. We help clients initiate, navigate and benefit from transformation.

Job description

About the Role

We are seeking an experienced Vulnerability & Patch Management (Associate) Manager, with experience in owning the end-to-end vulnerability lifecycle: from discovery and prioritization to remediation and verification on cloud environments (primary GCP then AWS).

Key Responsibilities

• Operate and optimize the Vulnerability & Patch platform for vulnerability scanning, asset discovery, and exposure management across the enterprise.
• Lead risk-based prioritization of vulnerabilities using Tenable One's analytics and exposure scoring.
• Design, coordinate, and oversee patch management processes, balancing security needs with the availability requirements of a high-uptime trading environment.
• Track remediation SLAs, report on risk exposure, and drive timely closure with system and application owners.
• Collaborate with infrastructure, DevOps, and cloud teams to embed security into deployment and maintenance workflows.
• Maintain awareness of emerging threats, CVEs, and exploit trends, translating them into actionable remediation plans.
• Support audits and contribute to continuous improvement of security policies and standards.

Qualifications

Required Qualifications

• 6–10 years of experience in cybersecurity, with a strong focus on vulnerability and patch management.
• Hands-on expertise with the Tenable One platform (or strong Tenable.io / Tenable.sc / Nessus experience with willingness to transition).
• Solid understanding of operating systems (Windows/Linux), networking, and common attack vectors.
• Strong analytical, prioritization, and stakeholder-communication skills.
• English & Dutch communication and presentation skills.

Nice to Have

• ISO 27001 knowledge or certification (e.g., Lead Implementer / Lead Auditor).
• Google Cloud Platform certifications (e.g., Professional Cloud Security Engineer) are highly valued.
• Experience in critical infrastructure, energy, or other highly regulated/high-availability sectors.

Additional information

What do we offer?

• Competitive salary with great extra advantages: a flexible mobility plan, a clear and structured yearly salary increase and bonuses.
• Flexible transport options that match your personal needs.
• Training plan to develop yourself as an expert in your discipline.
• You have the opportunity to work from home, the client or from our inspiring office in Amsterdam.
• Working in an international environment which creates opportunities to share knowledge and work together on international projects with colleagues all over the world.

We are unable to provide a work permit for this position.

Sia is certified "Great Place to Work". Come and join us to take part in this great company.