Risevoic
Vulnerability Management Application Security Lead
Company : Nautilus Insurance Company
Location : Wilmington, DE, 19809
Job Type : Full Time / Part Time
Date Posted : 1 January 2026
Company Details
Company URL: https://www.berkleytechnologyservices.com/
Berkley Technology Services (BTS) is the dynamic technology solution for W. R. Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale, IA and Wilmington, DE, BTS provides innovative and customer-focused IT solutions to the majority of WRBC’s 60+ operating units across the globe. BTS’s wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible.
Driven by a commitment to collaboration, BTS acts as consultants to our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand, but proactively plan for the “What’s Next” in our industry and beyond.
With a culture centered on innovation and entrepreneurial spirit, BTS stands as a community of technology leaders with eyes toward the future -- leaders who truly care about growing not only their team members, but themselves, and take pride in their employees who shine. BTS offers endless ways to get involved and have the chance to grow your career into a wide range of roles you'd never known existed. Come join us as we push forward into the future of industry leading technological solutions.
Berkley Technology Services: Right Team, Right Technology, Simple and Secure.
Responsibilities
The Vulnerability Management Application Security Lead works within Berkley’s Information Security team, interacting directly with stakeholders to address issues related to remediation of vulnerability scanning and assessment. The Vulnerability Management Analyst’s support activities are focused on helping key stakeholders understand their vulnerability results, providing guidance on the remediation of failing threats, and evaluating false positives.
Maintain and improve upon, as necessary, the existing vulnerability management program, including maintenance of documents, procedures, reporting, and stakeholder communications. Provide guidance to stakeholders in support of vulnerability management services, which includes, but is not limited to, sharing goals and road maps of vulnerability management. Analysis and validation of scan/assessment results communicated to clients through reporting and results-review meetings. Provide stakeholders with remediation recommendations and guidance, up to and including remediation tracking and reporting. Provide stakeholders reports that provide the most value based on security maturity and established vulnerability management goals. This requires the ability to be adaptive in report parameters and formats depending on stakeholder needs and target audience. Ability to use analyze large amounts of data using Microsoft and other business tools to report on enterprise level vulnerability data.
Key Responsibilities:
- Lead Security Initiatives: Spearhead and enhance our application security efforts, including penetration testing and static code analysis.
- Innovate and Optimize: Evaluate and implement improvements to our security tools and explore new technologies to strengthen our security posture.
- Code Analysis and Remediation: Lead projects to continuously analyze source code, identify vulnerabilities, and implement remediation strategies.
- Compliance Management: Oversee the enterprise-wide compliance scanning process to quickly identify and address potential risks.
- Stakeholder Communication: Regularly update and secure buy-in from global engineering, business operating units, security management, and senior leadership teams on the status of Application Security projects.
Qualifications
- Experience: Minimum of 5+ years in Information Security or a related field, with expertise in security compliance, penetration testing, vulnerability management, and static code analysis.
- Leadership: Prior experience in project leadership or as a team lead is preferred.
- Education: Bachelors Degree in Computer Science, Information Technology, Information Systems, or a related discipline. Equivalent experience and/or alternative qualifications will be considered.
- Technical Proficiency: Skilled in commonly used penetration testing tools, web application scanning tools, and static code analysis tools (e.g., Veracode, Fortify, Checkmarx).
- Stakeholder Engagement: Proven ability to engage and secure buy-in from business, technical, and executive stakeholders.
The Company is an equal employment opportunity employer.
Related Jobs
Joliet, IL
Top trending job titles hiring now
Popular Searches for Security Lead
Frequently asked questions
Mastery in penetration testing, static code analysis tools like Veracode and Fortify, alongside experience in vulnerability scanning and remediation, are essential. Wilmington's tech landscape favors professionals adept at translating complex security data into actionable insights that align with enterprise risk management strategies.
Professionals often progress from vulnerability analyst roles to leadership positions managing cross-functional security teams. Wilmington's growing emphasis on cybersecurity within insurance and finance sectors offers opportunities to expand into security program management and strategic compliance leadership.
Balancing extensive stakeholder communications while tailoring vulnerability reports to diverse technical and executive audiences is critical. The role demands continuous adaptation of remediation strategies to evolving threats, ensuring compliance within a heavily regulated insurance framework.
While global certifications like CISSP and CEH are valuable, regional industry groups in Delaware emphasize practical knowledge of compliance standards relevant to insurance technology. Networking with local security forums can provide insights into preferred qualifications that boost candidacy.
Wilmington is experiencing steady growth in cybersecurity hiring due to its concentration of financial and insurance firms. While not as saturated as Silicon Valley or NYC, competition remains robust, favoring candidates with leadership experience and a solid grasp of application security in regulated industries.
Nautilus, through Berkley Technology Services, fosters innovation and collaboration. Leaders are expected to be entrepreneurial, proactive in driving security initiatives, and skilled at mentoring teams while engaging diverse stakeholders to align security efforts with business goals.
The average compensation typically ranges from $120,000 to $150,000 annually, influenced by experience and certifications. Wilmington's cost of living supports competitive salaries, especially within established insurance firms prioritizing robust application security leadership.
Nautilus leverages its Vulnerability Management Lead to orchestrate enterprise-wide scanning, remediation tracking, and stakeholder engagement, ensuring security initiatives align with corporate risk tolerance and compliance mandates, thus embedding application security into the organizational fabric.
This role uniquely blends hands-on technical vulnerability assessment with high-level stakeholder management across global units. Nautilus’s emphasis on innovation and continuous improvement offers a dynamic environment for security leaders seeking to influence both technology and business strategy.
Wilmington’s manageable traffic and public transit options facilitate daily commuting. However, the company’s tech-forward culture may offer flexible arrangements, balancing in-person collaboration with remote work to accommodate security team needs effectively.