Kyndryl require a Vulnerability Response Lead to own the end‑to‑end orchestration of vulnerability response during active threat conditions.
Position: Vulnerability Response Lead- Mythos Response
Location: Canada (Remote)
Duration: 3 Months Initially, extension opportunities
Language: English (French is nice to have)
Background:
Kyndryl require a Vulnerability Response Lead to own the end‑to‑end orchestration of vulnerability response during active threat conditions. Operating within Mythos Response activities, this role transforms raw vulnerability signals into prioritized, time‑bound action—driving rapid risk reduction across the enterprise when adversaries are actively exploiting weaknesses.
This role sits at the intersection of vulnerability intelligence, asset criticality, and response execution. The Vulnerability Response Lead establishes accelerated intake and triage pipelines, enforces compressed remediation timelines for the most critical assets, and coordinates "patch wave" operations during high‑impact disclosure or exploitation events.
Qualifications:
· Extensive experience with enterprise vulnerability management at scale
· Hands‑on background with patching across operating systems, cloud platforms, and core infrastructure
· Familiarity with KEV, EPSS, SSVC, and modern vulnerability prioritization concepts
· Proven experience operating under emergency change windows and crisis‑driven timelines
· Ability to balance technical depth with decisive leadership during high‑pressure events
Responsibilities/Deliverables:
· Accelerated Intake & Triage
o Stand up and operate high-velocity vulnerability intake pipelines during Mythos Response scenarios
o Rapidly normalize, deduplicate, and triage vulnerability data from scanners, vendor advisories, and threat intelligence feeds
· Risk Re-Ranking & Decision Support
o Re-rank vulnerabilities using composite scoring models (CVSS, EPSS, KEV status, asset criticality, business impact)
o Distinguish noise from exploitation-relevant risk to focus response effort where adversaries are most likely to act
· Tiered Asset Protection
o Identify Tier 0 and Tier 1 assets critical to mission, safety, and availability
o Enforce compressed SLAs and remediation expectations during active response windows
· Patch Wave Coordination
o Coordinate mass patch testing, deployment, and rollback planning in collaboration with Patch Orchestration and infrastructure teams
o Build and operate surge workflows for large-scale "patch wave" events driven by coordinated disclosures or exploitation campaigns
· Automation & AI Enablement
o Integrate AI-assisted vulnerability classification, enrichment, and deduplication where tooling allows
o Continuously refine response workflows to reduce analyst load and increase decision velocity
· Response Leadership
o Serve as the central coordination point between vulnerability management, incident response, infrastructure, and leadership
o Provide clear prioritization, status reporting, and risk articulation throughout Mythos Response operations
#IndKyn
**Please note this is for a contract position with one of our clients and not a fulltime employment role with Kyndryl Canada**