Job Title: Vulnerability Manager
Location: Houston, TX (Hybrid 4:1)
Reports To: Director of Security Governance
Employment Type: Contract - Temp to Hire
Help us insure it. Tokio Marine HCC is a leading global specialty insurance group, backed by the strength and stability of the Tokio Marine Group. With more than 50 years of sustained growth and profitability, and offices across the United States, the United Kingdom, Europe, and other international locations, we offer more than 100 classes of specialty insurance—covering everything from the crops that feed us and the concerts that entertain us to rescuing travelers abroad.
Guided by our Mind Over Risk philosophy, we empower clients to pursue opportunities with confidence while fostering a culture rooted in innovation, collaboration, and trust. Always Advancing, we embrace an entrepreneurial spirit; as Experts in Tomorrow, we anticipate what’s next; and by Reaching Out, we build genuine connections that enable our people and our business to thrive.
Lead the organization's vulnerability management program by identifying, assessing, prioritizing, and coordinating the remediation of security vulnerabilities across IT infrastructure, applications, and cloud environments. Improve the organization's security posture through continuous risk reduction.
Key Responsibilities- Develop and manage the enterprise vulnerability management lifecycle, including scanning, assessment, reporting, and remediation tracking.
- Conduct regular vulnerability scans using Qualys or similar platforms.
- Analyze scan results, validate findings, and work with IT and development teams to prioritize and remediate vulnerabilities.
- Maintain an accurate inventory of assets and ensure proper coverage of vulnerability scanning tools.
- Collaborate with threat intelligence and incident response teams to assess exploitability and risk context.
- Track remediation efforts and provide regular status updates to leadership and stakeholders.
- Develop and maintain metrics and dashboards to measure program effectiveness and risk reduction.
- Stay current with emerging threats, vulnerabilities, and security advisories.
- Support compliance and audit activities related to vulnerability management.
- Provide guidance and training on secure configuration and patch management best practices.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
- Relevant certifications preferred: CISSP, OSCP, CEH, CompTIA Security+, or similar.
- 5+ years of experience in vulnerability management, security operations, or related cybersecurity roles.
- Experience with vulnerability management tools (e.g., Qualys, Akamai).
- Experience with ticketing systems (e.g., ServiceNow, Jira) and GRC platforms is a plus.
- Scripting or automation experience (e.g., Python, PowerShell).
- Experience with container and DevSecOps vulnerability management (e.g., Docker, Kubernetes, SCA tools).
- Strong knowledge of vulnerability scanning tools and techniques.
- Familiarity with Windows, Linux, networking, AWS, Azure, and web application security.
- Understanding of CVSS scoring, risk assessment methodologies, and remediation workflows.
- Strong communication and collaboration skills.
- Ability to manage multiple priorities in a fast-paced environment.
TMHCC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity, genetic information, marital status, medical condition, national origin, physical or mental disability, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations, and ordinances.
#LI-SD1
Skills Required
- Bachelor's degree in Cybersecurity, IT, Computer Science, or related field
- 5+ years experience in vulnerability management, security operations, or related cybersecurity roles
- Experience with vulnerability management tools (e.g., Qualys, Akamai)
- Scripting or automation experience (Python, PowerShell)
- Experience with container and DevSecOps vulnerability management (Docker, Kubernetes, SCA tools)
- Familiarity with Windows, Linux, networking, AWS, Azure, and web application security
- Understanding of CVSS scoring, risk assessment methodologies, and remediation workflows
- Experience with ticketing systems (ServiceNow, Jira) and GRC platforms
- Relevant certifications (CISSP, OSCP, CEH, CompTIA Security+)
- Strong communication and collaboration skills; ability to manage multiple priorities
Tokio Marine Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Tokio Marine and has not been reviewed or approved by Tokio Marine.
-
Healthcare Strength — Medical options include established carriers with PPO and HDHP choices, plus dental, vision, pharmacy, telehealth, and condition‑specific programs for comprehensive access. An employee assistance program and mental‑wellbeing resources further reinforce day‑to‑day support.
-
Retirement Support — A 401(k) with company match and employer‑paid life and disability coverage strengthen long‑term financial security. Careers materials and recent updates signal continued attention to retirement and protection benefits.
-
Wellbeing & Lifestyle Benefits — Wellness incentives, fitness access, and a holistic “body, mind, wallet, life” framework expand total‑rewards value beyond insurance alone. Paid volunteer time and community programs add lifestyle‑oriented benefits aligned with purpose.
Tokio Marine Insights
What We Do
Tokio Marine HCC can help you or your clients be prepared for unpredictable weather patterns. Event weather insurance protects revenue losses caused by adverse weather conditions that reduce attendance and the sales of concessions, food and parking.

.jpeg)





