Senior Cybersecurity Specialist - Vulnerability Management

Organizational Context

The World Food Programme (WFP) is the world's largest humanitarian organization, dedicated to saving lives and building a pathway to peace, stability, and prosperity. WFP operates in diverse and challenging environments, utilizing food assistance to support recovery from conflict, disasters, and climate change impacts. The organization values diversity, inclusion, and invests in its workforce's development.

Job Purpose

The Senior Cybersecurity Specialist - Vulnerability Management will play a crucial role in evolving WFP’s cybersecurity posture by enhancing its vulnerability and exposure management capabilities. This position focuses on adopting a risk-driven approach, prioritizing vulnerabilities based on exploitability, business impact, and actual exposure, moving beyond traditional severity-based models. The specialist will act as a central coordination and analytical function, identifying, contextualizing, and prioritizing cyber risks across WFP’s digital landscape. Key responsibilities include driving continuous asset discovery, conducting thorough vulnerability assessments, and leading remediation efforts. The role will also involve integrating external intelligence, recommending compensating controls, and contributing to the practical adoption of AI-enabled capabilities within cybersecurity processes to strengthen visibility and measurably reduce cyber risk exposure across the organization.

Responsibilities

The Senior Cybersecurity Specialist – Vulnerability Management role at the World Food Programme (WFP) focuses on enhancing the organization's capabilities in managing cyber risks. A primary responsibility is to drive continuous asset discovery and visibility across diverse digital environments, including cloud, on-premise, and SaaS platforms, to support an intelligence-driven threat exposure management model. The specialist will conduct and validate vulnerability assessments, prioritizing findings based on real-world risk factors such as exploitability, business criticality, and actual exposure, rather than solely on severity. This involves integrating external threat intelligence to inform prioritization decisions. The role acts as a central coordination point for vulnerability remediation, ensuring clear tasking, tracking progress, enforcing service level agreements (SLAs), and escalating high-risk issues. A key aspect is driving the adoption of AI-enabled capabilities within vulnerability management processes to enhance risk prioritization and automation, while maintaining governance and human oversight. The specialist will also recommend compensating controls, analyze vulnerability trends to identify systemic weaknesses, and support the integration of vulnerability data into reporting and ticketing platforms to provide clear visibility of exposure and remediation performance. Collaboration with internal teams and partners to improve processes, tooling, and data integration is essential, as is contributing to awareness initiatives on vulnerability risks and secure practices.

Work Experience

Requires 6-8 years of experience in vulnerability management, cybersecurity operations, or threat management. Experience with cloud platforms, threat exposure management, or rapidly evolving vulnerability environments is highly desirable. Strong understanding of vulnerability management concepts, tools, and processes is essential. Knowledge of cloud environments, networking, and exploitability is also important. Analytical and communication skills are key for interpreting data and managing risk.

Skills

Vulnerability Management, Cybersecurity Operations, Threat Management, Cloud Security, Risk Prioritization, Asset Discovery, Incident Response, Data Analysis, Stakeholder Engagement, AI in Cybersecurity

Explore related opportunities