Threat & Vulnerability Management Manager

Job Description

Company Summary

Constellation Brands is a leading international producer and marketer of beer, wine and spirits with operations in the U.S., Canada, Mexico, New Zealand and Italy. We offer a wide range of exciting career opportunities in sales, marketing, operations, production, finance and administration. As a part of the Constellation team, employees are encouraged to improve their skills and performance throughout their careers through various professional and educational development programs. Constellation provides a robust onboarding program in addition to ongoing training initiatives to help employees integrate into the organization quickly and maximize their growth potential.

TVM (Threat and Vulnerability Management) Program Manager

The TVM Program Manager is a seasoned security expert with the ability to lead, educate, and influence diverse technology delivery teams supporting a broad spectrum of business and technology solutions. The ideal candidate brings deep expertise in application, infrastructure, and data security, with a strong background in vulnerability and threat management.

This role requires a hands-on approach to analyzing security vulnerabilities and threats, collaborating with IT and OT subject matter experts to prioritize and drive the remediation of high-risk weaknesses. The TVM Program Manager will play a critical role in reporting and ensuring effective risk mitigation.

The successful candidate will be well-versed in IT and OT security vulnerability scanning tools and practices, including but not limited to Tenable, Onapsis, Nucleus, and patch and configuration management for both Windows and Linux environments. Proficiency with attack simulators, application security scanning tools, and cloud security monitoring platforms is essential.

We are seeking a self-starter with exceptional interpersonal and team-building skills, capable of fostering collaboration and driving results across diverse teams.

What You Will Do as a TVM Program Manager

• Lead cross-functional teams and subject matter experts (SMEs) across diverse IT and OT environments, driving collaboration and alignment on security initiatives.
• Collaborate with SMEs to develop and implement primary and compensating controls to address recurring security vulnerabilities, ensuring long-term risk mitigation.
• Oversee the production of weekly, monthly, quarterly, and annual reports on security vulnerabilities and threats, assigning clear ownership for remediation and tracking progress.
• Partner with external consultants and managed service providers to establish and mature an enterprise-wide vulnerability and threat management program, ensuring best-in-class practices and outcomes.

Key Relationships

• The TVM Program Manager is tasked with embedding consistent security practices across enterprise applications, infrastructure, and data capabilities. To achieve this, the leader must collaborate across a wide array of internal and external organizations. This includes engaging with stakeholders from diverse disciplines, such as senior corporate leadership, the board of directors, line-of-business (LOB) managers, IT staff, HR, legal, audit, compliance, information and physical security teams, and facilities management.

Qualifications

At least 6-10 years of experience in Information Security, involving Security Vulnerability and Threat Management programs, including:

• Experience in defining, implementing, and enforcing standards, processes, and procedures for responding to disruptions in business or IT operations.
• Infrastructure security vulnerability detection, analysis, and remediation.
• Application security vulnerability detection, analysis, and remediation.
• Data security vulnerability detection, analysis, and remediation.
• Cloud security vulnerability detection, analysis, and remediation.
• Overall program management and governance.

• Proven strategic leadership and relationship management capabilities, including experience with internal stakeholders — particularly senior and LOB management, as well as customers, external business partners and third-party service providers.
• Proven competency in executing large projects, on time and within budget, with business and IT personnel.
• Experience leading and managing high-performance multidisciplinary workgroups or teams to meet goals across multiple projects.
• Experience in creating and defining new operational models and procedures and explaining complex problems or situations.
• Extensive experience in leading and managing groups of self-directed professionals.
• A true business leader, not simply an IT or other operational specialist — strong leadership and communication skills are essential criteria for this position, because the DR program leader's success depends heavily on cooperation and commitment from every level of Constellation Brand's business, and from personnel in many different roles.
• Proven ability to work under stressful conditions, such as business-related crises.

Education, Certifications, and Other

• Bachelor’s degree in computer science, Engineering or Management Information Systems preferred or related work experience.
• CISSP certification or equivalent.
• Ability to travel both domestically and internationally including Mexico.

Location

Rochester, New York

Additional Locations

Chicago, Illinois, Virtual - US

Job Type

Full time

Job Area

Information Technology

The salary range for this role is:

$96,500.00 - $205,500.00

This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting.  Our compensation is based on cost of labor. For remote locations or positions open to multiple locations, the pay range may reflect several US geographic markets, including the lowest geographic market minimum to the highest geographic market maximum. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee’s pay position within the salary range will be based on several factors including, but not limited to, the prevailing minimum wage for the location, relevant education, qualifications, certifications, experience, skills, seniority, geographic location, performance, shift, travel requirements, sales or revenue-based metrics, any collective bargaining agreements, and business or organizational needs.  At Constellation Brands, it is not typical for an individual to be hired at the high end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate. We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.

Equal Opportunity

Constellation Brands is committed to a continuing program of equal employment opportunity. All persons have equal employment opportunities with Constellation Brands, regardless of their sex, race, color, age, religion, creed, sexual orientation, national origin or citizenship, ancestry, physical or mental disability, medical condition (cancer or genetic characteristics), marital status, gender (including gender identity or gender expression), familial status, military or veteran status, genetic information, pregnancy, childbirth, breastfeeding, or related conditions (or any other group or category within the framework of the applicable discrimination laws and regulations).

Not sure you meet all qualifications? Research shows that women and members of other under-represented groups tend to not apply to jobs when they think they may not meet every qualification, when, in fact, they often do! We are committed to creating a diverse and inclusive environment and strongly encourage you to apply.