Vulnerability & Patch Management (Associate) Manager

Sia is a next-generation, global management consulting group. Founded in 1999, we were born digital. Today our strategy and management capabilities are augmented by data science, enhanced by creativity and driven by responsibility. We’re optimists for change and we help clients initiate, navigate and benefit from transformation. We believe optimism is a force multiplier, helping clients to mitigate downside and maximize opportunity. With expertise across a broad range of sectors and services, our 3,000 consultants serve clients worldwide from 48 locations in 19 countries. Our expertise delivers results. Our optimism transforms outcomes. 

Vulnerability & Patch Management (Associate) Manager

About the Role We are seeking an experienced Vulnerability & Patch Management (Associate) Manager, with experience in owning the end-to-end vulnerability lifecycle: from discovery and prioritization to remediation and verification on cloud environments (primary GCP then AWS).

Key Responsibilities

• Operate and optimize the Vulnerability & Patch platform for vulnerability scanning, asset discovery, and exposure management across the enterprise.

• Lead risk-based prioritization of vulnerabilities using Tenable One's analytics and exposure scoring.
• Design, coordinate, and oversee patch management processes, balancing security needs with the availability requirements of a high-uptime trading environment.
• Track remediation SLAs, report on risk exposure, and drive timely closure with system and application owners.
• Collaborate with infrastructure, DevOps, and cloud teams to embed security into deployment and maintenance workflows.
• Maintain awareness of emerging threats, CVEs, and exploit trends, translating them into actionable remediation plans.
• Support audits and contribute to continuous improvement of security policies and standards.

Required Qualifications

• 6–10 years of experience in cybersecurity, with a strong focus on vulnerability and patch management.
• Hands-on expertise with the Tenable One platform (or strong Tenable.io / Tenable.sc / Nessus experience with willingness to transition).
• Solid understanding of operating systems (Windows/Linux), networking, and common attack vectors.
• Strong analytical, prioritization, and stakeholder-communication skills.
• English & Dutch communication and presentation skills.

Nice to Have

• ISO 27001 knowledge or certification (e.g., Lead Implementer / Lead Auditor).
• Google Cloud Platform certifications (e.g., Professional Cloud Security Engineer) are highly valued.
• Experience in critical infrastructure, energy, or other highly regulated/high-availability sectors.

What do we offer?

• Competitive salary with great extra advantages: a flexible mobility plan, a clear and structured yearly salary increase and bonuses.
• Flexible transport options that match your personal needs.
• Training plan to develop yourself as an expert in your discipline.
• You have the opportunity to work from home, the client or from our inspiring office in Amsterdam.
• Working in an international environment which creates opportunities to share knowledge and work together on international projects with colleagues all over the world. 

Additional information
We are unable to provide a work permit for this position
Sia is certified "Great Place to Work". Come and join us to take part in this great company.

Sia is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.