Vulnerability Management and Cyber Controls Lead
Apollo Global Management
Position Overview
At Apollo, we’re a global team of alternative investment managers passionate about delivering uncommon value to our investors and shareholders. With over 30 years of proven expertise across Private Equity, Credit, and Real Estate, we’re known for our integrated businesses, strong investment performance, and value-oriented philosophy — all powered by our people.
Role Overview
Apollo is seeking a Vulnerability Management and Cyber Controls Lead to join our dynamic and growing Cybersecurity organization. This individual will own and evolve the firm’s global Vulnerability Management (VM) program — driving continuous improvement toward a best-in-class capability.
This is a technical and hands-on role, responsible for end-to-end processes spanning external exposure management, imminent threat response, vulnerability identification and prioritization, and facilitation of remediation across infrastructure, applications, and cloud environments.
The ideal candidate combines deep technical expertise with strategic vision — able to design, operate, and improve scalable, data-driven solutions that strengthen Apollo’s overall security posture.
Primary Responsibilities
Own and mature the global Vulnerability Management program, covering external exposure, imminent threats, vulnerability identification and prioritization, and remediation facilitation.
Serve as the technical subject matter expert for vulnerability management tools and processes (e.g., Tenable, Qualys, Rapid7, or equivalent).
Continuously assess and improve VM processes to achieve best-in-class coverage, efficiency, and visibility.
Leverage automation, analytics, and threat intelligence to enhance accuracy and reduce remediation timelines.
Operate and optimize scanning platforms, discovery tooling, and reporting pipelines to ensure comprehensive asset visibility.
Partner with Infrastructure, Engineering, Application, and Cloud teams to drive effective risk reduction across environments.
Lead critical vulnerability identification and response exercises, including analysis of zero-day or imminent threats.
Develop and maintain metrics, dashboards, and executive-level reporting on vulnerability posture, remediation progress, and program maturity.
Collaborate with Enterprise Risk, Internal Audit, and Application Security teams to ensure alignment with firm-wide risk management practices.
Maintain ownership of service delivery quality, issue resolution, and stakeholder communication.
Stay current with industry trends, threat intelligence, and evolving tools to proactively strengthen Apollo’s defenses.
Qualifications & Experience
7+ years of experience in Cybersecurity, Infrastructure Security, or Vulnerability Management.
Technical proficiency across network, system, and application layers — including scanning methodologies, asset discovery, and exploit analysis.
Hands-on experience operating and tuning vulnerability management tools (e.g., Tenable.io, Qualys VMDR, Rapid7 InsightVM) and discovery utilities (e.g., Nmap, SSLScan, Shodan, or custom scripts).
Experience leveraging threat intelligence and CVSS/CISA/EPSS data for vulnerability prioritization.
Strong understanding of cloud infrastructure (AWS, Azure, GCP) and modern application stacks.
Proficiency in scripting or automation (e.g., Python, PowerShell, Bash) and query-based data analysis (SQL, Excel, or equivalent).
Demonstrated success in building and optimizing technical processes at scale; experience designing metrics, dashboards, and analytics (Tableau, PowerBI, or similar).
Ability to partner across technical and business teams, influence remediation activities, and communicate risk in clear, actionable terms.
Knowledge of IT processes, secure configuration baselines, and control frameworks (CIS, NIST, ISO, FFIEC).
Experience in financial services or other highly regulated environments preferred.
Consulting or architecture background a plus.
Pay Range
$140,000 – $205,000Apollo Global Management, Inc. (together with its subsidiaries and affiliates) is committed to championing opportunity.
The firm and its affiliates comply with applicable discrimination and equal opportunities legislation in all of its jurisdictions and do not discriminate in employment or recruitment based on race, color, religion, gender, national origin, veteran status, disability, age, citizenship, marital or domestic/civil partnership status, sexual orientation, gender identity or expression or any other protected characteristic under applicable law.
The contents of the qualifications and experience section of this job description are a guideline only. If an applicant can otherwise demonstrate their suitability for the role they will be considered.
The base salary range for this position is listed above. This position is also eligible for a discretionary annual bonus based on personal, team, and Firm performance. Compensation ranges are based on several factors including job function, level, and geographic location. Final offer amounts are determined by multiple factors including candidate experience and expertise, and may vary from the amounts listed here.