IT Vulnerability Manager

Advanced EnergyDenver, CO
11dOnsite
Match Resume

About The Position

The Vulnerability Manager will be responsible for identifying, tracking, coordinating, and verifying remediation of vulnerabilities in internal and external landscapes. The individual in this role is expected to have a general understanding of many different systems, applications, and business processes across the company. The Vulnerability Manager will understand operating systems (both physical and virtualized), applications, networking and cloud infrastructure concepts, and known exploitable vulnerabilities as well as emerging threats. Working closely with the IT Infrastructure, Network, and Applications teams, the Vulnerability Manager will collaborate identification and remediation of vulnerabilities as well as the overall attack surface. The role is highly technical, and the Vulnerability Manager is expected to have a diverse understanding of cybersecurity principles, enterprise level systems, and business process dependencies. This role will stay up to date with the evolving threat landscape, potential impact, and risk on advanced technologies, as well as legacy systems and applications. The Vulnerability Manager will take an active lead to inform, advise and collaborate with technology leadership and business units to secure the confidentiality, integrity, and availability of company assets. The manager will regularly report on the state of vulnerabilities and metrics to Information Security and IT Leadership. The ability to collaborate with multiple teams and take a pragmatic approach, while at the same time possessing a sense of urgency when required, is essential. The Vulnerability Manager will support strategic initiatives driven by Information Security and IT Leadership for short- and long-term plans to identify, protect, and reduce the attack surface across company assets. This position will report to the Director of Information Security.

Requirements

  • Understanding of Windows and nix operating systems, endpoint applications and networking.
  • Understanding of OWASP, CVSS and MITRE ATT&CK framework and the software development lifecycle.
  • Capacity to comprehend complex technical infrastructure, managed services and third-party dependencies.
  • Strong written and oral communication skills across varying levels of the organization.
  • At least five years of experience in security operations, vulnerability management or IT Operations.
  • Experience with vulnerability management across common cloud platforms.
  • Bachelor's degree in cybersecurity, computer science, engineering, or a related field.

Nice To Haves

  • Preferably one or more certification such as, GEVA, GSOC, CISA, CISSP.

Responsibilities

  • Monitor for vulnerabilities within applications, technology assets, networks, cloud services, and other elements of the threat landscape.
  • Collaborate with IT and Security Operations to manage internal- and external-facing systems to identify, track and remediate system and application vulnerabilities.
  • Support IT operations in remediating system and application vulnerabilities.
  • Conduct continuous discovery, assessment and remediation status of in-scope vulnerabilities.
  • Prioritize vulnerability remediation based on criticality, exploit probability, rating and assessed risk.
  • Document, prioritize, recommend, validate and report on the state of vulnerabilities.
  • Recommend tactical options to reduce attack surface, containment alternatives and impede attackers.
  • Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to monitored threats.
  • Remain current with emerging threats and share knowledge with colleagues to improve security posture.
  • Define key performance indicators and metrics to illustrate efficacy and program maturity for vulnerability management.
  • Maintain documentation related to vulnerability policies and procedures.
  • Assist with host and application hardening (including benchmark assessments) across company-wide assets.
  • Serve as a point of contact for new and existing vulnerability-related issues.
  • Assist with change management operations to ensure new vulnerabilities are not introduced.
  • Provide vulnerability education and guidance to stakeholders, developers, IT and business leaders as needed.
  • Availability to work nonstandard business hours to respond to and mitigate critical threats.
  • Perform other duties as assigned.

Benefits

  • Medical - multiple medical plans are available to choose from
  • Short and long-term disability and life insurance
  • Health savings and flexible spending accounts
  • Generous time off policy starting with 3 weeks of paid vacation, 7 days of paid sick time, and 12 paid holidays
  • 8 hours of paid volunteer time off
  • 8 weeks of paid parental leave for both Moms and Dads
  • Company matched 401(k)
  • Tuition reimbursement
  • Expanded mental health coverage and employee assistance programs
  • Other voluntary benefits include critical illness, accident and hospital indemnity, pet insurance, identify theft, and legal assistance

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Job Search Resources

Similar IT Vulnerability Manager job opportunities

IT Vulnerability Management Lead
ICF
ICF • Bethesda, MD3d • $107,936 - $183,491 • Onsite
IT Risk & Vulnerability Analyst
Talan
Talan • New York, NY5d • $100,000 - $145,000
IT Vulnerability Management Lead
ICF
ICF • Bethesda, MD11d • Onsite
IT Infrastructure Engineer – Vulnerability Management
Indigo Beam
Indigo Beam • Santa Clarita, CA12d • Remote
Senior Vulnerability Manager
Keeper Security
Keeper Security • El Dorado Hills, CA2d • Remote
Manager Vulnerability Management
Citizens Financial Group
Citizens Financial Group • Iselin, NJ2d • Hybrid
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service