Lead Vulnerability Management Security Engineer

About The Position

Requirements

• BA/BS degree or equivalent experience in a relevant field
• 4+ years of hands-on experience in vulnerability management, including scanning, assessment, and remediation
• Proven success in starting and growing a vulnerability management program
• Proficiency with leading vulnerability management tools (Tenable, CrowdStrike) and scripting/automation languages (PowerShell, Python)
• Deep understanding of security frameworks and compliance standards (NIST, ISO27001/2, CIS Top 20 Controls, PCI-DSS, HIPAA)
• Strong analytical skills to identify patterns, trends, and actionable insights from complex vulnerability data
• Excellent communication skills for reporting and stakeholder engagement
• Collaborative mindset with the ability to serve as a trusted advisor across cross-functional teams
• Self-driven, strategic thinker with a passion for advancing cybersecurity programs

Nice To Haves

• Security professional certification (CISSP, CVA, GEVA, or similar) preferred

Responsibilities

• Lead the review and analysis of vulnerability data to identify trends, patterns, and key risks across Deckers’ global environment
• Facilitate vulnerability management meetings and drive risk-based discussions to prioritize and accelerate remediation efforts
• Advise and support remediation teams in developing actionable plans to address vulnerabilities and strengthen our security posture
• Perform risk-based assessments for both on-premise and cloud-based services, ensuring robust protection for critical assets
• Integrate advanced security technologies and automation tools to enhance threat detection and response capabilities
• Build and present business cases for adopting new security solutions to mitigate emerging risks
• Develop, consolidate, and maintain security metrics to measure the effectiveness of our cybersecurity program
• Apply industry-leading frameworks (NIST, ISO27001/2, CIS Top 20 Controls) to establish and maintain best-in-class security measures
• Foster strong relationships with technical teams, serving as a trusted advisor and championing a culture of security awareness
• Contribute to the strategic direction of the Technical Security team by designing and implementing tools that enhance customer trust and detect suspicious activity

Benefits

• Competitive Pay and Bonuses - We’ve created a variety of competitive compensation programs to foster career development, reward success and to show our employees just how much they’re valued.
• Financial Planning and wellbeing - No matter what financial goals our employees have set, we want to help them get there. Our plans provide powerful ways to protect income, pay for expenses and invest in the future.
• Time away from work - Sometimes we need time away to be with family, focus on our health or just simply recharge. Our plans support our employees’ needs to get out, get healthy and come back stronger than ever.
• Extras, discounts and perks - Being a valued member of the Deckers Brands team means more than just a paycheck. From generous discounts to community-based programs, we offer a variety of cool extras
• Growth and Development - Deckers Brands was built on the idea of pursuing passion. That’s why we offer extensive opportunities and support for personal and professional development.
• Health and Wellness - There’s nothing basic about our comprehensive health and wellness programs and offerings. While at work and at play, we aim to support a healthy lifestyle.