Cyber Attack Surface Management Manager
Not Disclosed•Full-TimeOn-site
location_onNorth Military Highway, Military Circle, Norfolk, Virginia, 23502, United States
About the Role
The ASM Manager leads the Cyber Attack Surface Management function, serving as a strategic partner to reduce the organization's cyber exposure. This role is critical for aligning security capabilities with enterprise risk priorities and coordinating efforts across Security Operations, IT, and various business units. You will act as the primary liaison, driving risk-based decision-making and presenting the organization's risk posture and trends to senior leadership.
In this position, you will oversee the full spectrum of ASM functions, including threat intelligence, third-party incident management, identity hygiene, vulnerability management, and legacy OS risk tracking. The role focuses on defining the program strategy and roadmap, establishing governance frameworks, and operationalizing maturity in cybersecurity processes and remediation workflows.
About the Team
Sentara Health is a close to 30,000-member workforce dedicated to the mission "to improve health every day." Diversity, inclusion, and belonging are guiding principles that ensure our workforce reflects the communities we serve. As an equal opportunity employer, we pride ourselves on creating a diverse and inclusive environment.
Work Environment
This position is located in Norfolk, VA, and operates on the First (Days) shift. Sentara Health maintains a tobacco-free environment to support the health and well-being of all colleagues.
Application Process
Candidates are encouraged to apply with a focus on their relevant experience in Cyber Attack Surface Management, vulnerability management, or cyber exposure programs. The organization values hands-on experience in coordinating remediation efforts and partnering with cross-functional teams in complex enterprise environments.
Work location
Work model: On-site
North Military Highway, Military Circle, Norfolk, Virginia, 23502, United States
Norfolk, Virginia
Key Responsibilities
- check_circleDefine and execute the ASM program strategy, roadmap, and priorities
- check_circleOversee ASM functions including threat intelligence, third-party incident management, and vulnerability management
- check_circleEstablish governance, processes, and performance metrics for cyber exposure reduction
- check_circleAct as primary stakeholder liaison across Security Operations, IT, Risk, and Vendor Management
- check_circlePresent risk posture, trends, and recommendations to senior leadership
- check_circleEnsure integration of ASM capabilities with CTOC and broader cyber security programs
- check_circleDrive risk-based prioritization and decision-making to reduce organizational cyber exposure
Requirements
- verifiedBachelor's degree in Cybersecurity, IT, CS, or related field (or equivalent training/certifications)
- verified7 years relevant experience without degree OR 5+ years with degree
- verifiedCISSP, CISM, CRISC, or vendor certifications related to vulnerability management, cloud security, or threat intelligence (preferred)
- verifiedExperience leading ASM, vulnerability management, threat intelligence, or cyber exposure programs
- verifiedHands-on experience coordinating vulnerability remediation and risk reduction
- verifiedExperience building cybersecurity processes, governance frameworks, and remediation workflows
- verifiedExperience with cybersecurity platforms (Tenable, Qualys, CrowdStrike, ServiceNow, Microsoft Defender, Palo Alto, etc.)
Nice to Have
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. CISSP, CISM, CRISC, or vendor/platform certifications related to vulnerability management, cloud security, or threat intelligence.
Benefits & Perks
check_circleMedical, Dental, and Vision planscheck_circleAdoption, Fertility, and Surrogacy Reimbursement up to $10,000check_circlePaid Time Off and Sick Leavecheck_circlePaid Parental and Family Caregiver Leavecheck_circleEmergency Backup Carecheck_circleLong-Term, Short-Term Disability, and Critical Illness planscheck_circleLife Insurancecheck_circle401k/403B with Employer Matchcheck_circleTuition Assistance of $5,250/year and discounted education through Guild Educationcheck_circleStudent Debt Pay Down of $10,000
Similar Job Opportunities
Skills, education and keywords
Skills: Cyber Attack Surface Management, Threat Intelligence, Third-Party Incident Management, Identity Hygiene, Vulnerability Management, Legacy Os Risk Tracking, Cissp, Cism, Crisc, Tenable.
Education: Bachelor's degree in Cybersecurity, IT, CS, or related field (preferred).
Frequently asked questions about Cyber Attack Surface Management Manager at Sentara Health
What does a Cyber Attack Surface Management Manager at Sentara Health do?expand_more
A Cyber Attack Surface Management Manager at Sentara Health is responsible for the following: Define and execute the ASM program strategy, roadmap, and priorities; Oversee ASM functions including threat intelligence, third-party incident management, and vulnerability management; Establish governance, processes, and performance metrics for cyber exposure reduction; and Act as primary stakeholder liaison across Security Operations, IT, Risk, and Vendor Management.
What are the requirements for this Cyber Attack Surface Management Manager role?expand_more
To qualify for the Cyber Attack Surface Management Manager at Sentara Health position, applicants should have: Bachelor's degree in Cybersecurity, IT, CS, or related field (or equivalent training/certifications); 7 years relevant experience without degree OR 5+ years with degree; CISSP, CISM, CRISC, or vendor certifications related to vulnerability management, cloud security, or threat intelligence (preferred); Experience leading ASM, vulnerability management, threat intelligence, or cyber exposure programs; Hands-on experience coordinating vulnerability remediation and risk reduction; and Experience building cybersecurity processes, governance frameworks, and remediation workflows.
Where is the Cyber Attack Surface Management Manager role at Sentara Health located?expand_more
Cyber Attack Surface Management Manager at Sentara Health is based in North Military Highway, Military Circle, Norfolk, Virginia, 23502, United States. This is a on-site role.
Is this Cyber Attack Surface Management Manager job remote, hybrid, or on-site?expand_more
Sentara Health has listed this Cyber Attack Surface Management Manager role as on-site.
How much experience is required for this Cyber Attack Surface Management Manager role?expand_more
Cyber Attack Surface Management Manager at Sentara Health typically requires 5+ years of relevant experience at the senior level.
What skills do you need for the Cyber Attack Surface Management Manager role at Sentara Health?expand_more
Key skills for Cyber Attack Surface Management Manager at Sentara Health include Cyber Attack Surface Management; Threat Intelligence; Third-Party Incident Management; Identity Hygiene; Vulnerability Management; Legacy Os Risk Tracking; Cissp; and Cism.
What education is required for Cyber Attack Surface Management Manager at Sentara Health?expand_more
Educational requirements for this role: Bachelor's degree in Cybersecurity, IT, CS, or related field (preferred).
What category does the Cyber Attack Surface Management Manager role belong to?expand_more
Cyber Attack Surface Management Manager at Sentara Health is part of the it job category on Recrutus.