Vulnerability Management Manager
Irvine, United States
Full Time Senior-level / Expert USD 142K - 293K
“I can succeed as a Vulnerability Management Manager at Capital Group.”
As a Vulnerability Management Manager, you will lead and develop the Security Operations Vulnerability Management team who proactively identify, analyze, prioritize, track to remediation and report vulnerability risk within CG’s technology systems.
Responsibilities:
You will be responsible for the proactive identification, assignment, and remediation accountability of vulnerabilities and misconfigurations on CG technology systems
You will ensure the consistent assessment of vulnerability risk through application of industry intelligence and knowledge of CG’s technology environment
You will provide vulnerability and/or misconfiguration remediation guidance, risk-awareness, and education to engineering and development teams
You will regularly report KRIs, identify root causes and drive solutions for improving vulnerability remediation performance with technology leadership
You will ensure past due vulnerabilities are escalated to leadership and exception processes are executed in alignment with risk acceptance frameworks and policies
You will mature team processes, tooling and relevant documentation in support of continuous improvement measured through OKRs, KPIs and KRIs
You will ensure compliance to regulatory expectations and proactively identify needed process changes
You will provide recommendations that continuously improve risk severity calculations and remediation assignments
You will establish and maintain KPIs that measure the performance and coverage of vulnerability scanner appliances, schedules, and scopes to ensure accurate, timely and complete scan results
“I am the person Capital Group is looking for.”
In addition to team leadership and direct report development, the ideal candidate will have diverse experiences in a wide variety of Information Technology systems, vulnerabilities, misconfigurations, risk management, data analysis, and influencing organizational change through strong relationship and consulting skills.
You have 8+ years of experience in managing security risk and driving mitigation activities
You have a bachelor's degree in computer science, information security or related field (or equivalent work experience)
You have experience leading and developing a team in a people management role
You have experience designing and implementing operational processes to ensure delivery and improvement of target KPIs and KRIs
You are comfortable articulating vulnerability risk and influencing change with a wide variety of audiences
You have a strong understanding of application and infrastructure vulnerabilities, how they are exploited and mitigated
You have demonstrated experience in identifying actionable insights from large, complex data sets
You have a broad understanding of legacy and modern IT infrastructure and application stacks
You have experience with public cloud infrastructure, common misconfigurations, and recommended architectures (AWS, Azure, GCP)
You hold security related certifications (CISSP, GIAC, CISA, CISM)
You hold public cloud provider certifications (AWS, Azure, GCP)
You have hands on experience with scripting languages such as Python, Powershell
Southern California Base Salary Range: $173,211-$277,138
San Antonio Base Salary Range: $142,394-$227,830
New York Base Salary Range: $183,613-$293,781
In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital’s annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings.
You can learn more about our compensation and benefits here.
* Temporary positions in Canada and the United States are excluded from the above mentioned compensation and benefit plans.
We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.
Tags: AWS Azure CISA CISM CISSP Cloud Compliance Computer Science GCP GIAC IT infrastructure KPIs OKR PowerShell Python Risk management Scripting Vulnerabilities Vulnerability management
Perks/benefits: Competitive pay Health care Salary bonus
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.