Why This Job is Featured on The SaaS Jobs
In SaaS, security posture is inseparable from product reliability and customer trust, especially as more workloads concentrate in public cloud. A program manager role spanning vulnerability management and cloud security posture management signals an organization treating security as an operational discipline, not a periodic audit. The remit across on-prem, cloud, and application environments reflects the hybrid realities many SaaS platforms still run while modernizing infrastructure, with AWS called out as a primary focus.
The career leverage here comes from learning how SaaS security programs are made measurable and repeatable. Owning the lifecycle from discovery through remediation builds fluency in prioritization frameworks, risk metrics, and the toolchain that underpins continuous monitoring. Exposure to standards such as NIST CSF, ISO 27001, CIS Controls, and FedRAMP adds practical context for how SaaS companies translate control frameworks into engineering workflows, automation, and reporting that leadership can act on.
This role fits professionals who prefer cross-functional influence over direct code ownership and who enjoy turning ambiguous risk signals into clear remediation plans. It will suit someone comfortable convening engineering, DevOps, and infrastructure stakeholders, and who values operational cadence, KPI-driven communication, and platform optimization as core security skills in SaaS environments.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
The Vulnerability & Cloud Security Program Manager leads the enterprise vulnerability management and cloud security posture management (CSPM) programs, ensuringtimelyidentification, assessment, prioritization, and remediation of risks acrosson-premise, cloud, and application environments. This roleleveragesmodern cloud security and vulnerability management platforms tomonitor, analyze, and strengthen our security posture. You will collaborate closely with engineering, DevOps, and infrastructure teams to reduce risk exposure, support compliance obligations, and advance the organization’s overall security maturity.
Location - We are flexible on remote working from home, if youare located inthe USA and reside in one of the following states - CA, CO, CT, FL, GA, *IL, KS, ME, MA, MD, NJ, NC, NY, OR, TN, TX, VA, and WA. We have physical offices in Austin, TX and Tampa, FL, if you prefer a hybridoption.
Lead andoperatethe full vulnerability management and CSPM lifecycle, ensuringtimelydiscovery, assessment, prioritization, and remediation.
Administer andoptimizeour vulnerabilitymanagement and CSPM platforms, including policies, integrations, reporting, and automation.
Monitor cloud and infrastructure environments toidentifymisconfigurations, excessive permissions, and compliance drift, primarily in AWS.
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
Hands-on experience with CSPM tools, vulnerability detection platforms, and automation (Wiz, AWS Inspector, Nessus,OpenSCAPpreferred).
NinjaOneautomates the hardest parts of IT to deliver visibility, security, and control over all endpoints for more than 40,000 customers. TheNinjaOneautomated endpoint management platform is proven to increase productivity, reduce security risk, and lower costs for IT teams and managed service providers.NinjaOneis obsessed with customer success and provides free and unlimited onboarding, training, and support.NinjaOneis #1 on G2 in endpoint management, patch management, remote monitoring and management, and mobile device management.
We are a collaborative, kind, and curious community.
We honor your flexibility needs with full-timework that ishybrid remote.
We have you covered with our comprehensive benefits package, which includes medical, dental, and vision insurance.
We help you prepare for your financial future with our 401(k) plan.
We prioritize your work-life balance with our unlimited PTO.
We reward your work withopportunityfor growth and advancement.
This position is NOT eligible for Visa sponsorship. Due to federal government security requirements associated with our FedRAMP-authorized environment, candidates must be U.S. citizens or lawful permanent residents.
*Due to operational policies,NinjaOneis unable to hire for this role within the city limits of Chicago. We will consider all qualified candidates whoresideoutside of the city proper or are willing to self-relocate.
Starting pay for the successful applicant depends on a variety of job-related factors, including but not limited to location, market demands, experience, job-related knowledge, and skills.The benefits available for this position include medical, dental, vision, 401(k) plan, life insurancecoverageand PTO. For roles based in California, Colorado, Maryland, New Jersey, orWashingtonthe base salary hiring range for this position is$180,000 to $220,000per year.
For roles based in New York, the base salary hiring range for this position is $180,000 to $220,000 per year.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, veteran status, or any other status protected by applicable law. We are committed to providing an inclusive and diverse work environment.