Manager of Vulnerability Management

Job Summary:

As the Manager of Vulnerability Management you will play a key role in the success of the vulnerability and configuration management program by identifying security risks, prioritizing actions based on intelligence-driven processes, and proactively responding to emerging threats. This role will be the face of the program and will oversee a managed service provider that performs the day-to-day functions of the vulnerability and configuration management program.

Responsibilities:

• Provide oversight and direction to managed service provider to work on vulnerability and configuration scans, analysis, and reporting to support the organization.
• Develop strategy for a risk-based vulnerability management program for the organization.
• Collaborate closely with cross-functional teams to facilitate the timely remediation of vulnerabilities and misconfigurations, with a strong focus on effectiveness and risk management.
• Partner with Cyber Threat Intelligence, the Cybersecurity Incident Response team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect and remediate vulnerabilities.
• Determine tools and resources needed to support the organization's need to identify and prioritize vulnerability and configuration deficiencies.
• Establish organization secure configuration standards across operating systems, applications, and devices

Ideal Candidates Will Have Experience:

• Managing a team or Managed Service Provider
• Vulnerability and configuration management within healthcare environment
• Using ServiceNow Vulnerability Response module
• Contributing or developing polices or standards

BENEFITS

Our benefits are designed to help you live well no matter where you are on your journey. For full details on coverage and eligibility, visit the Baylor Scott & White Benefits Hub to explore our offerings, which may include: 

• Immediate eligibility for health and welfare benefits
• 401(k) savings plan with dollar-for-dollar match up to 5%
• Tuition Reimbursement
• PTO accrual beginning Day 1
  Note: Benefits may vary based upon position type and/or level

Preferred Certifications:

• Certified Information Systems Professional (CISSP)
• Certified Information Security Manager (CISM)
• CompTIA Advanced Security Practitioner (CASP+)

Preferred Qualifications

• BS Degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree
  or 5 years equivalent technology experience
• 5+ years' experience in information security in an enterprise environment
• 3+ years' experience assessing and implementing vulnerability management tools, vulnerability scan configurations, vulnerability reporting, and vulnerability remediation in an enterprise environment.
• Knowledge of common software, operating systems vulnerabilities, Unix/Lenux
• Strong experience with Vulnerability Management Platforms such as Tenable, Qualys, Rapid7, in a large corporate environment.
• Experience with Center for Internet Security (CIS) benchmarks for secure configurations.
• Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk.
• Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK
• Strong experience in reading and understanding vulnerability scans
• Experience creating and running authenticated and unauthenticated scans
• Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media).

• Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization

   

Minimum Qualifications

• EDUCATION - Bachelor's or 11 years of work experience 
• EXPERIENCE - 7 Years of Experience
• Demonstrated experience in healthcare preferred