Director, Vulnerability Management

Director, Vulnerability Management

Hello. We’re Haleon. A new world-leading consumer health company. Shaped by all who join us. Together, we’re improving everyday health for billions of people. By growing and innovating our global portfolio of category-leading brands – including Sensodyne, Panadol, Advil, Voltaren, Theraflu, Otrivin, and Centrum – through a unique combination of deep human understanding and trusted science. What’s more, we’re achieving it in a company that we’re in control of. In an environment that we’re co-creating. And a culture that’s uniquely ours. Care to join us. It isn’t a question.

With category leading brands such as Sensodyne, Voltaren and Centrum, built on trusted science and human understanding, and combined with our passion, knowledge and expertise, we’re uniquely placed to do this and to grow a strong, successful business.

This is an exciting time to join us and help shape the future. It’s an opportunity to be part of something special.

About the role

The Director of Vulnerability Management will play a pivotal role in establishing and overseeing comprehensive security measures within the organization. This position will be responsible for building, managing, and leading high-performing teams specializing in Vulnerability Management (IT and OT), Application Security, Cloud Security and Penetration Testing. Their strategic vision and technical expertise will be crucial in ensuring the protection of organizational assets, maintaining a robust security posture, and fostering a proactive security culture.

Key responsibilities

• Develop and communicate a strategic vision for vulnerability management, application security, and penetration testing aligned with the organization's overall security goals.
• Establish and maintain a robust vulnerability management program (IT and OT), including regular scanning, assessment, and prioritization of vulnerabilities based on risk.
• Drive the development and implementation of effective remediation strategies, collaborating with IT and development teams to ensure timely and efficient resolution of identified vulnerabilities.
• Lead the development and implementation of application security best practices, ensuring secure coding standards, regular code reviews, and the integration of security into the software development lifecycle.
• Oversee the planning and execution of penetration testing activities to identify and assess vulnerabilities in infrastructure, applications, and networks.
• Develop and maintain comprehensive reports and metrics on the organization's security posture, vulnerabilities, and remediation progress for executive leadership and stakeholders.

Basic Qualifications

Educational Background:

Bachelor’s degree in Cybersecurity, Information Technology, Criminal Justice, or equivalent work experience. A Master’s degree is preferred.

Professional Experience:

• Minimum of 10 years of experience in IT, with at least 3 years in a leadership role focused on vulnerability management, application security and penetration testing.
• Extensive experience in managing and leading teams responsible for identifying, assessing, and mitigating vulnerabilities.
• Proven track record of developing and implementing successful vulnerability management programs.
• Demonstrated ability to oversee and conduct penetration testing and application security assessments.

Certifications:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Offensive Security Certified Professional (OSCP) or equivalent penetration testing certification
• GIAC Certified Penetration Tester (GPEN) or equivalent

Please save a copy of the job description, as this may be helpful to refer to once the advert closes.

Diversity, Equity and Inclusion

At Haleon we embrace our diverse workforce by creating an inclusive environment that celebrates our unique perspectives, generates curiosity to create unmatched understanding of each other, and promotes fair and equitable outcomes for everyone.

We’re striving to create a climate where we celebrate our diversity in all forms by treating each other with respect, listening to different viewpoints, supporting our communities, and creating a workplace where your authentic self belongs and thrives.

We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.

Care to join us. Find out what life at Haleon is really like www.haleon.com/careers/

At Haleon we embrace our diverse workforce by creating an inclusive environment that celebrates our unique perspectives, generates curiosity to create unmatched understanding of each other, and promotes fair and equitable outcomes for everyone. We're striving to create a climate where we celebrate our diversity in all forms by treating each other with respect, listening to different viewpoints, supporting our communities, and creating a workplace where your authentic self belongs and thrives. We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.

As you apply, we will ask you to share some personal information, which is entirely voluntary. We want to have an opportunity to consider a diverse pool of qualified candidates and this information will assist us in meeting that objective and in understanding how well we are doing against our inclusion and diversity ambitions. We would really appreciate it if you could take a few moments to complete it. Rest assured, Hiring Managers do not have access to this information and we will treat your information confidentially.

Haleon is an Equal Opportunity Employer. All qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.

Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, Haleon may be required to capture and report expenses Haleon incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure Haleon’s compliance to all federal and state US Transparency requirements.