CFA Institute
Manager, Cyber Hygiene
Join us to harden our defenses and keep CFA Institute a step ahead of evolving threats. As Manager, Cyber Hygiene, you'll lead enterprise-scale vulnerability and patch management across hybrid environments, design automation that speeds remediation, and embed secure-by-default practices in our engineering and operations. This is a hands-on, impact-focused role where you'll reduce risk at scale and measurably improve our security posture.
Please note: CFA Institute does not provide work authorization or visa sponsorship for this position (including temporary worker or student).
What You'll Do
Lead vulnerability & patch management across infrastructure, applications, and cloud services: own scanning, prioritization, and closure at scale.
Build automation and tooling (e.g., scripting and orchestration) to streamline patch deployment, configuration management, and remediation workflows.
Be the technical authority on cyber hygiene: guide SRE, engineering, and operations on secure configuration and remediation strategies.
Prioritize by risk: correlate findings with threat intelligence to focus on the highest-impact exposures.
Ensure cloud & infrastructure hygiene and compliance across on-prem and AWS/Azure/GCP environments.
Continuously improve tools, processes, and standards; evaluate new technologies to drive efficiency and maturity.
Measure what matters: create dashboards/reports that track closure rates, posture trends, and conformance to industry standards.
Prevent incidents proactively by reducing attack surface and closing gaps before they can be exploited.
What You'll Bring
Minimum Qualifications
Bachelor's degree in Computer Science, Information Security, or related field; or equivalent technical experience.
5-7 years in cybersecurity, SRE, or IT operations with significant hands-on vulnerability remediation experience.
Advanced expertise with vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7).
Deep knowledge of patch management, OS hardening, and CIS-aligned secure configuration.
Strong scripting/programming (Python, PowerShell, Bash) for remediation and reporting automation.
Familiarity with IaC and configuration management (Ansible, Puppet, Chef, Terraform).
Solid grounding in networking, operating systems, and enterprise IT architecture.
Demonstrated collaboration with engineers/developers/operations to embed hygiene practices; strong analytical and communication skills.
Preferred Qualifications
Experience with cloud-native security controls (e.g., AWS Inspector, Azure Security Center, GCP Security Command Center).
Technical certifications such as OSCP, GCFA, GPEN, or other GIAC credentials.
Cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer).
Why Join Us?
At CFA Institute, you'll shape security outcomes that protect a global mission-driven organization. You'll collaborate with talented colleagues across SRE, engineering, and IT, have autonomy to implement automation and best practices, and see your work reflected in meaningful, measurable risk reduction. We offer a supportive culture grounded in accountability, authenticity, courage, agility, strategic thinking, growth mindset, and talent development.
Expected salary range: $120,000 - $140,000. Other benefits include eligibility for annual incentives, 12% retirement employer contribution, and competitive medical benefits. All salary ranges are subject to adjustment based on experience, education, and other factors relevant to the position.
CFA Institute is an equal opportunity employer and encourages applications from all qualified individuals.
About CFA Institute: CFA Institute is the global leader in investment excellence and ethics. With nearly 200,000 charterholders across 160 markets, we drive professional growth, ethical behavior, and better markets. We care about our employees' well-being, offering industry-leading benefits like:
Comprehensive health coverage for you and your family
Generous leave and time off
Competitive retirement plans
Flexible work options
Wellness, education, and support programs
If you feel this opportunity could be the next step in your career, we encourage you to apply.