Vulnerability Management Program Specialist

Ottawa, ON, Canada

Applications have closed

ADGA Group Consultants Inc

Brilliant Minds. Critical Challenges. Proven Solutions. Solving complex problems for our clients across the Canadian defence, public, and commercial sectors.

View company page

Company Description

Founded in 1967, ADGA is a privately owned and operated Canadian company. We employ over 700 highly skilled team members who apply their knowledge and expertise in service delivery of advanced technology solutions for clients in the Defence, Security and Professional Services markets across Canada.

Celebrating over 50 years in business, we are proud to be one of Canada’s most trusted professional engineering and consultancy firms. Our clients continue to rely on ADGA to provide subject matter expertise, and quality talent to fulfill their business objectives. We have done so successfully by anticipating and responding to the constant changes in technology, and evolving with agility.

Our culture of commitment, trust, and accountability guides our business, fosters our growth, and is at the core of our relationships with clients, employees and consultants. Whether your projects are complex, large-scale requirements, or dependable, professional resources to execute on time, and on budget, you can count on ADGA to deliver. We are dedicated to your success.

Job Description

ADGA Group Consultants Inc. is hiring a Vulnerability Management Program Specialist. 

As the Vulnerability Management Program Specialist, you will play a pivotal role in a comprehensive project aimed at building a robust Vulnerability Management (VM) program for our client. This involves creating governance models, policies, and remediation execution models. While this initial phase does not involve tool implementation, your expertise is crucial for shaping the program's foundation.

Your responsibilities will include defining VM program's governance model, policies, and remediation execution model, focusing on roles (RACI) and key performance indicators (KPIs). You'll also establish scan policies, covering frequency, types, and target selection.

In addition, you will play a pivotal role in ensuring the security of our organization's digital assets. This includes prioritizing and categorizing vulnerabilities, defining workflows, and setting SLAs/KPIs for remediation efforts.

You'll oversee the development and enhancement of our client's VM Program, defining its scope, identifying gaps, and recommending suitable tools. A key deliverable is a comparison report on vulnerability management platforms and suggesting a platform of choice to guide our client's decision-making.

Key Responsibilities:

  • Define the scope of the Vulnerability Management Program.
  • Identify gaps between the current state and the desired state of the Vulnerability Management Program.
  • Recommend and select Vulnerability Management tools based on industry standards and best practices.
  • Develop a concise overview of the technological architecture required for the Vulnerability Management program, focusing on tool selection and integration.
  • Construct a strategic roadmap outlining key milestones and timelines for the Vulnerability Management program's development, providing a clear trajectory for implementation.
  • Develop and update governance models to ensure effective program oversight.
  • Develop and update Vulnerability Management program policies.
  • Identify and update key stakeholders and define their roles and responsibilities within the program.
  • Define and update vulnerability prioritization and categorization policies and workflows.
  • Establish and update vulnerability remediation and retest workflows, including RACI and SLAs/KPIs.


  • Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
  • Proven experience in developing and implementing Vulnerability Management Programs.
  • In-depth knowledge of industry-leading vulnerability assessment and management tools such as Tenable, Qualys, Rapid7, OWASP, and SolarWinds.
  • Strong understanding of cybersecurity best practices, standards, and frameworks.
  • Excellent analytical and problem-solving skills.
  • Effective communication and collaboration abilities.
  • Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) preferred.

Additional Information

  • Must currently hold Federal Government Secret Clearance 
  • Copies of Degree/Diploma/Certifications will be required 

ADGA commits to putting diversity into action to build a stronger, more representative team and help our customers and communities thrive. We are a proudly Canadian company, striving to further diversity, equity, and inclusion in the workplace and provide every individual with the opportunities and resources to help them reach their full potential.

Since being acquired by Commissionaires Ottawa, ADGA has adopted the social mandate of Commissionaires to create meaningful employment opportunities and generate financial resources for veterans of the CAF, RCMP, their families, and fellow citizens who share a passion to contribute to the security and well-being of Canadians.

ADGA s'engage à mettre la diversité en action pour bâtir une équipe plus forte et plus représentative et aider nos clients et nos communautés à prospérer. Nous sommes une entreprise fièrement canadienne. Nous nous engageons pour promouvoir la diversité, l'équité et l'inclusion dans le milieu de travail et d'offrir à chaque personne les possibilités et les ressources qui lui permettront de réaliser son plein potentiel.

Depuis son acquisition par Les Commissionnaires Ottawa, ADGA a adopté le mandat social de Les Commissionnaires qui consiste à créer des possibilités d'emploi significatives et à générer des ressources financières pour les anciens combattants des FAC, de la GRC, leurs familles et leurs concitoyens qui partagent la passion de contribuer à la sécurité et au bien-être des Canadiens.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: CISM CISSP Clearance CompTIA Computer Science Governance KPIs OWASP Qualys SLAs Vulnerabilities Vulnerability management

Perks/benefits: Career development Equity

Region: North America
Country: Canada
Job stats:  16  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.