Manager, Vulnerability & Data Security

Marqeta Marqeta · Fintech · United States · Remote · CyberSecurity

Manager for Vulnerability Management and Data Security programs in a cloud-based fintech company. Responsibilities include leading strategy, integrating findings, establishing risk-based prioritization, maturing patching, coordinating disclosure, and building data security controls, classification, access policies, and lifecycle management. Requires experience with Tenable, Snyk, Sentra, Google DLP, and compliance with PCI/SOX.

What you'd actually do

  1. Lead program strategy and operations: asset coverage, scanning cadence, prioritization, and measurable risk reduction using Tenable (Nessus/SC/IO) and Snyk.
  2. Integrate Tenable and Snyk findings into engineering backlogs with clear SLAs; partner with SRE, platform, and application teams to drive remediation.
  3. Establish risk-based prioritization (CVSS, KEV, EPSS, exploitability, business criticality) and publish dashboards for transparency to leadership.
  4. Establish clear data ownership and stewardship across critical datasets; define roles, responsibilities, and decision rights.
  5. Define and enforce data classification, access, and usage policies; drive best practices and guard rails for least privilege and segregation of duties.

Skills

Required

  • Information security leadership
  • Vulnerability Management
  • Data Security program building
  • Tenable
  • Snyk
  • Sentra (DSPM)
  • Google DLP
  • PCI compliance
  • SOX compliance
  • Cloud security (AWS/GCP/Azure)
  • IAM/IGA
  • SIEM
  • CNAPP
  • Data governance

Nice to have

  • CISSP
  • CISM
  • Automation of Tenable/Snyk workflows
  • GRC/Risk registers
  • Data governance councils
  • RACI
  • Analytics platform security (Snowflake, Databricks, BigQuery)
  • SaaS Security Posture Management
  • Third-party data controls

What the JD emphasized

  • regulated/fintech experience preferred
  • PCI
  • SOX