Job Summary

\n

As the Manager of Vulnerability Management you will paly a key role in the success of the vulnerability and configuration management program by identifying security risks, prioritizing actions based on intelligence-driven processes, and proactively responding to emerging threats. This role will be the face of the program and will oversee a managed service provider that performs the day-to-day functions of the vulnerability and configuration management program.

\n

Responsibilities:

\n\nProvide oversight and direction to managed service provider to work on vulnerability and configuration scans, analysis, and reporting to support the organization.\nDevelop strategy for a risk-based vulnerability management program for the organization.\nCollaborate closely with cross-functional teams to facilitate the timely remediation of vulnerabilities and misconfigurations, with a strong focus on effectiveness and risk management.\nPartner with Cyber Threat Intelligence, the Cybersecurity Incident Response team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect and remediate vulnerabilities.\nDetermine tools and resources needed to support the organization's need to identify and prioritize vulnerability and configuration deficiencies.\nEstablish organization secure configuration standards across operating systems, applications, and devices.\n\n

Ideal Candidates Will Have Experience:

\n\nManaging a team or Managed Service Provider\nVulnerability and configuration management within healthcare environment\nUsing ServiceNow Vulnerability Response module\nContributing or developing polices or standards\n\n

BENEFITS

\n

Our competitive benefits package includes the following

\n\nImmediate eligibility for health and welfare benefits\n401(k) savings plan with dollar-for-dollar match up to 5%\nTuition Reimbursement\nPTO accrual beginning Day 1\n\n

Note: Benefits may vary based upon position type and/or level

Preferred Certifications:

\n\nCertified Information Systems Professional (CISSP)\nCertified Information Security Manager (CISM)\nCompTIA Advanced Security Practitioner (CASP+)\n\n

Preferred Qualifications

\n\nBS Degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree\n\nor 5 years equivalent technology experience\n\n\n5+ years' experience in information security in an enterprise environment\n3+ years' experience assessing and implementing vulnerability management tools, vulnerability scan configurations, vulnerability reporting, and vulnerability remediation in an enterprise environment.\nKnowledge of common software, operating systems vulnerabilities, Unix/Lenux\nStrong experience with Vulnerability Management Platforms such as Tenable, Qualys, Rapid7, in a large corporate environment.\nExperience with Center for Internet Security (CIS) benchmarks for secure configurations.\nUnderstanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk.\nExperience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK\nStrong experience in reading and understanding vulnerability scans\nExperience creating and running authenticated and unauthenticated scans\nKnowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).\nKnowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization\n\n

Minimum Qualifications

\n\nEDUCATION - Bachelor's or 4 years of work experience above the minimum qualification\nEXPERIENCE - 5 Years of Experience\n