Senior Analyst, Digital Security

As an EEO/Affirmative Action Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, or veteran status.

WM, a Fortune 250 company, is the leading provider of comprehensive waste and environmental services in North America. We are strongly committed to a foundation of operating excellence, professionalism and financial strength.  WM serves nearly 25 million customers in residential, commercial, industrial and municipal markets throughout North America through a network of collection operations, transfer stations, landfills, recycling facilities and waste-based energy production projects.

To enable our business to expand our lead in a market increasingly enhanced by technology, WM is undertaking a substantial technology transformation. We are seeking talented Information Technology professionals to join the Waste Management team who are motivated to help us transform the way we design, build and use technology. With your skills and experience, we look for you to combine your technical expertise with industry best practices in an effort to align information technology solutions with Waste Management business strategy.

 

I.  Job Summary
We are seeking an experienced and proactive Vulnerability Management, Sr. Engineer to lead and enhance our organization’s vulnerability management program. This role will be pivotal in ensuring the security of our systems, applications, and networks by identifying, analyzing, and managing vulnerabilities effectively. The ideal candidate will have a strong technical background, leadership skills, and the ability to collaborate across various teams to reduce the organization’s attack surface and enhance its security posture.

 

II. Essential Duties and Responsibilities

To perform this job successfully, an individual must be able to perform each duty satisfactorily.  Other ancillary duties may be assigned. 

• Develop, implement, and oversee the organization's vulnerability management and application security programs, ensuring alignment with industry standards and compliance requirements.
• Establish and enforce policies and procedures for vulnerability assessment, prioritization, and remediation.
• Manage the end-to-end vulnerability assessment lifecycle, including scanning, analysis, and reporting.
• Oversee the configuration and operation of vulnerability scanning tools and platforms.
• Support periodic penetration testing and work with third-party vendors for advanced security testing.
• Collaborate with IT, DevOps, and business teams to prioritize and remediate vulnerabilities.
• Track remediation efforts and provide regular status updates to stakeholders.
• Develop and communicate risk-based vulnerability metrics and KPIs to measure program effectiveness.
• Partner with system owners, developers, and IT operations to integrate vulnerability management processes into the development and operational workflows.
• Provide guidance and mentorship to team members, fostering a culture of security awareness.
• Generate detailed reports and executive summaries on vulnerabilities, risks, and remediation progress for technical teams and leadership.
• Advise senior management on emerging vulnerabilities and the organization’s overall vulnerability risk profile.
• Participate in emerging threat reduction activities as needed.
• Responsible for sustaining continuous improvement efforts:
  • Stay updated on the latest security vulnerabilities, exploits, and threat trends.
  • Recommend and implement improvements to tools, processes, and technologies used in vulnerability management and application security.
• Ability to present technical findings to non-technical stakeholders in a clear and concise manner.

III.  Supervisory Responsibilities
May coach and mentor less-experienced analysts and act as team leader on systems projects.

 

IV.  Qualifications

The requirements listed below are representative of the qualifications necessary to perform the job. 

 

A.  Education and Experience

• Education: Bachelor's degree (accredited) in Computer Science, MIS, Business Administration or similar area of study, or in lieu of degree, High School Diploma or GED (accredited) and 4 years or relevant work experience.
• Experience: Five years of experience in cybersecurity with a focus on vulnerability management and application security

B.  Certificates, Licenses, Registrations or Other Requirements
Must possess one of the following or will obtain one within the next 12 months: 

• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)

C. Other Knowledge, Skills or Abilities Required

Advanced knowledge or skills in one or more of the following is required:

• Knowledge of threat and vulnerability and/or identity related processes and technology.
• Proficiency in vulnerability management tools such as Qualys, Core Impact, WebInspect, etc.
• Strong communication and interpersonal skills to work effectively with cross-functional teams.
• Strong knowledge of operating systems (Windows, Linux, macOS), networks, public cloud providers (AWS, Azure, GCP).
• Strong analytical and problem-solving skills.
• Effective communication skills for explaining complex cybersecurity issues to technical and non-technical stakeholders.
• Ability to effectively manage teams and multiple projects simultaneously.
• Proactive approach to identifying and addressing cybersecurity challenges.

D. Other Knowledge, Skills or Abilities Required

• Hands on experience with vulnerability management and application security solutions.
• Track record of successful risk reduction and collaborating with business partners.
• Related technology certifications for modern vulnerability management and application security solutions.
• Familiarity using threat intelligence to enhance vulnerability discovery and prioritization..

V.  Work Environment
Listed below are key points regarding environmental demands and work environment of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.

 

Normal setting for this job is: office setting.
 
Benefits
At WM, each eligible employee receives a competitive total compensation package including Medical, Dental, Vision, Life Insurance and Short Term Disability.  As well as a Stock Purchase Plan, Company match on 401K, and more!  Our employees also receive Paid Vacation, Holidays, and Personal Days.  Please note that benefits may vary by site.

If this sounds like the opportunity that you have been looking for, please click Apply.

ABOUT WM WM (WM.com) is North America’s largest comprehensive waste management environmental solutions provider. Previously known as Waste Management and based in Houston, Texas, WM is driven by commitments to put people first and achieve success with integrity. The company, through its subsidiaries, provides collection, recycling and disposal services to millions of residential, commercial, industrial and municipal customers throughout the U.S. and Canada. With innovative infrastructure and capabilities in recycling, organics and renewable energy, WM provides environmental solutions to and collaborates with its customers in helping them achieve their sustainability goals. WM has the largest disposal network and collection fleet in North America, is the largest recycler of post-consumer materials and is the leader in beneficial reuse of landfill gas, with a growing network of renewable natural gas plants and the most gas-to-electricity plants in North America. WM’s fleet includes nearly 11,000 natural gas trucks – the largest heavy-duty natural gas truck fleet of its kind in North America – where more than half are fueled by renewable natural gas. To learn more about WM and the company’s sustainability progress and solutions, visit Sustainability.WM.com.