Vulnerability Management Leader - Product Security

Resolvit.com - Remote

RESOLVIT

Bringing Solutions That Make Business Better

Join Resolvit as a Vulnerability Management Leader – Product Security and be part of a creative, forward-thinking team. Our success at deploying skilled, highly knowledgeable experts has landed us on the Inc. 5000 list of America’s fastest-growing companies four times – and we’re just getting started.

As the Vulnerability Management Leader – Product Security you will lead by forming strong partnerships with product engineering leaders and teams and provide vision, strategy, and prioritization to control/mitigate vulnerabilities in a timely and effective manner. You will embed the organization’s vulnerability management vision into product development lifecycle management processes. You will also define key performance indicators and metrics across engineering teams to illustrate cyber health and effectiveness with vulnerability management. Additionally, you will:

  • Serve as subject matter expert for engineering teams, providing analysis to help them understand remediation steps, impact, and prioritization
  • Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business and gain support through influential messaging
  • Engage with various internal stakeholders including engineering and infrastructure teams, legal, corporate communications, and other relevant teams in cybersecurity to conduct holistic response management on identified vulnerabilities, the remediation efforts, and to drive the decision on vulnerability disclosure and advisories to customers
  • Prepare reports and presentations communicating risks and status to a diverse audience of technical and business leadership
  • Periodically attend and participate in release management discussions and meetings
  • Regularly research and learn about new vulnerabilities, threats, and TTPs in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary

What You’ll Need to be Successful:

  • At least 10 years of progressive experience in security operations, vulnerability management, risk assessment, engineering/IT operations, and/or incident response in large enterprise environments
  • Operational and execution skills to deliver the strategy, along with an emphasis on strategy and influence
  • Comfortable working with a large and complex portfolio of products and a broad set of stakeholders
  • Solid understanding and knowledge of vulnerability management tools and methodologies and security attack vectors
  • Comprehensive knowledge of the secure software development life cycle
  • Sound knowledge of common infrastructure and web application vulnerabilities, and common vulnerability categorizations such as CVE, CVSS, and CWE
  • Understanding of OWASP, CVSS, the MITRE ATT&CK framework, and the software development life cycle
  • Good knowledge of information security control frameworks such as ISO/IEC 27001, NIST CSF, COBIT, etc.
  • Experience in business process management and/or program management
  • Ability to assemble and lead virtual teams to resolve incidents and to work collaboratively and remotely with others to accomplish goals
  • Articulate risk and impact to product engineering leaders with the proven ability to convey the urgency and need to remediate a vulnerability commensurate with the risk it presents
  • Strong knowledge and work experience in handling vulnerability management for embedded and cloud-based solutions
  • An ability to effectively influence others
  • An understanding of organizational mission, values, and goals as well as consistent application of this knowledge
  • Excellent time management and organizational skills
  • Excellent written, verbal, and interpersonal communication skills, and collaborative skills
  • Highly self-directed and self-motivated
  • Organized with the ability to prioritize work and meet deadlines

Great Additional Skills:

  • CISM, CRISC, CISSP certifications

Benefits:

At Resolvit, you’ll be given the support you need to grow in your consulting career. In addition to opportunities for advancement, we offer:

  • Medical, dental, and vision insurance
  • Life insurance coverage
  • Long-term and short-term disability coverage
  • 401(k) retirement plan with matching
  • Professional support from our Client & Employee Optimization Specialist

We currently have more than 100 open career opportunities across the country, so be sure to mention the appropriate Job Code with any correspondence!

About Resolvit:

Resolvit is an international technology consulting firm with industry-leading customers in the financial services, high tech, manufacturing, retail, life sciences, and government sectors. Through its partnerships, Resolvit delivers highly impactful, innovative solutions across five core areas: Infrastructure Modernization, Application Development Services, Enterprise Data Management & Analytics, Knowledge & Content Management, and Strategic Staffing.



Posted On: Tuesday, July 26, 2022



  • It is the policy of Resolvit, LLC to provide and administer employment, training, compensation, promotion, benefits and employment practices without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, age, disability, medical condition, veteran status, marital status, or political affiliation.