Information Security- Lead Vulnerability Management Engineer

Position Summary:

Are you passionate about cybersecurity and eager to drive innovation? We are seeking a dynamic and forward-thinking Vulnerability Engineer to join our cybersecurity team. In this pivotal role, you will manage our vulnerability management toolset, ensuring it operates at peak performance while continuously exploring new features and processes to expand our capabilities. Your expertise will be crucial in safeguarding our systems and pushing the boundaries of what’s possible in vulnerability management.

Responsibilities:

• Ownership of our vulnerability management toolset, ensuring it runs seamlessly and efficiently.
• Lead the design, implementation, and maintenance of our vulnerability management toolsets, ensuring they are optimized for performance, scalability, and security.
• Stay ahead of the curve by keeping up with the latest features, updates, and best practices.
• Conduct scans and assessments to uncover and address security vulnerabilities.
• Collaborate with the extended team to run scans and troubleshoot any issues, providing expert guidance and support.
• Conduct in-depth data analysis on toolsets to enhance the accuracy, efficiency, and effectiveness of vulnerability reporting and drive new innovative automation ideas.
• Drive innovation by exploring new tools and techniques to enhance our vulnerability management capabilities.
• Operationalize new features and develop or update runbooks to support the extended vulnerability management team.
• Build integrations with other toolsets to enrich and streamline vulnerability management related tasks.
• Monitor and analyze emerging security threats, proactively mitigating potential risks.
• Ensure our practices align with industry standards and regulatory requirements.
• Perform architecture and security reviews on complex environments to identify vulnerabilities and assess the effectiveness of existing controls.
• Develop insightful reports on vulnerability findings and remediation efforts to senior management.
• Assist in development of vulnerability management standards and security policies, including minimum security baseline requirements.
• Maintain regular communication with Vulnerability Management Lead and organization stakeholders for collaboration, process optimization, tools tuning, and information sharing.
• Work directly with our incident response team on security issues and incidents.

Qualifications (Training, Education, & Prior Experience):

Education:

• Required – Bachelor’s degree in Computer Sciences, Information Security, Information Systems, Engineering, Sciences or related field.
• Master’s degree or advanced security certification is desirable (e.g. CISSP, CEH)
• Active participation in information security industry forums or other info security leadership organizations.

Experience:

• 6+ years of relevant experience with a strong background in vulnerability management and security engineering
• Advanced experience maintaining and running vulnerability scanning and other security testing tools (e.g., Nessus, Crowdstrike, Veracode, Snyk, HCL AppScan)
• Familiarity with vulnerability management automation platforms, such as Nucleus or Brinqa
• Advanced experience conducting vulnerability assessments and troubleshooting related issues.
• Advanced understanding of Azure services with proficiency in in KQL and Azure function/logic apps
• Experience with data visualization tools (e.g., Microsoft Power BI, Tableau)
• Personal or professional experience staying current with threats, threat actors, and TTPs.
• Experience working in a collaborative, cross-functional team environment.
• Pharmaceutical or other regulated industry experience is desirable.

Knowledge, Skills, Ability Requirements:

• High level of integrity and strong ethical values
• Strong understanding of network and system security principles
• Proficiency with vulnerability management tools
• Proficiency utilizing scripting languages (preferably Python), API integrations, and process automation.
• Excellent problem-solving and analytical skills with proficiency using an analytical and data-driven approach to answer questions.
• Ability to work independently and as part of a team.
• Strong communication and documentation skills
• Understanding of the complexity of technical or procedural challenges and the potential outcomes, ensuring management is appropriately informed.
• Adept at understanding customer challenges, navigating from problem to resolution and communicating process and resolution effectively both verbally and in writing.  Quickly escalate customer satisfaction concerns to management but does so with recommended approaches to addressing the concerns.
• Self-motivated with strong interpersonal, influencing, and problem-solving skills

Travel Requirements: 5%-10%

The following base pay range reflects the anticipated base pay for this position if a selected candidate were to
be located in (Colorado). Base pay may vary based on location and other factors.

Base Pay Range: $101,000-$145,000

The following base pay range reflects the anticipated base pay for this position if a selected candidate were to be located in (California), (NJ Remote), (NY Remote), or (Washington). Base pay may vary based on location and
other factors.

Base Pay Range: $114,000-$164,000

[This position is eligible for short-term incentive compensation.] [The position is also eligible for long-term incentive.]

We offer a competitive and comprehensive benefits package, which includes healthcare, dental coverage, and

retirement savings benefits along with paid holidays, vacation and disability insurance.

Full time

Regular

Colleague

Any unsolicited resumes sent to Zoetis from a third party, such as an Agency recruiter, including unsolicited resumes sent to a Zoetis mailing address, fax machine or email address, directly to Zoetis employees, or to Zoetis resume database will be considered Zoetis property. Zoetis will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.

Zoetis will consider any candidate for whom an Agency has submitted an unsolicited resume to have been referred by the Agency free of any charges or fees. This includes any Agency that is an approved/engaged vendor but does not have the appropriate approvals to be engaged on a search.

Zoetis is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status or any other protected classification. Disabled individuals are given an equal opportunity to use our online application system. We offer reasonable accommodations as an alternative if requested by an individual with a disability. Please contact Zoetis Colleague Services at zoetiscolleagueservices@zoetis.com to request an accommodation. Zoetis also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as employment eligibility verification requirements of the Immigration and Nationality Act. All applicants must possess or obtain authorization to work in the US for Zoetis. Zoetis retains sole and exclusive discretion to pursue sponsorship for the acquisition or maintenance of nonimmigrant status and employment eligibility, considering factors such as availability of qualified US workers. Individuals requiring sponsorship must disclose this fact. Please note that Zoetis seeks information related to job applications from candidates for jobs in the U.S. solely via the following: (1) our company website at www.Zoetis.com/careers site, or (2) via email to/from addresses using only the Zoetis domain of “@zoetis.com”. In addition, Zoetis does not use Google Hangout for any recruitment related activities. Any solicitation or request for information related to job applications with Zoetis via any other means and/or utilizing email addresses with any other domain should be disregarded. In addition, Zoetis will never ask candidates to make any type of personal financial investment related to gaining employment with Zoetis.