Cyber Vulnerability Lead
Remote, US
Under Armour
Values & Innovation
At Under Armour, we are committed to empowering those who strive for more, and the company's values - Act Sustainably, Celebrate the Wins, Fight on Together, Love Athletes and Stand for Equality - serve as both a roadmap for our teams and the qualities expected of every teammate.
Our Values define and unite us, the beliefs that are the red thread that connects everyone at Under Armour. Our values are rallying cries, reminding us why we're here, and fueling everything we do.
Our pursuit of better begins with innovation and with our team's mission of being the best. With us, you get the freedom to go further - no matter your role. That means developing, delivering, and selling the state-of-the-art products and digital tools that make top performers even better.
If you are a current Under Armour teammate, apply to this position on the Internal Career Site Here.
Purpose of Role
The Lead, Vulnerability Management will be responsible for developing, coordinating, and streamlining the vulnerability management program at Under Armour. This individual should be an experienced cyber security professional with a strong understanding of how to create and lead vulnerability management programs. The Lead is ultimately responsible for ensuring our business units can be measured towards compliance set by Under Armour policy and directives. You will be responsible for generating reports for senior leaders and business units across Under Armour. This role is an opportunity to make a visible impact across Under Armour.
Your Impact
- Manage the Vulnerability Management program as a leader and subject matter expert.
- Perform vulnerability assessments by both manual and automated methods.
- Understand, design, and develop vulnerability mitigation strategies, prioritize identified vulnerabilities, and manage risk associated with vulnerabilities.
- Establish and drive metrics, analytics, reporting, and a roadmap for continual program improvement.
- Author vulnerability management guidelines, processes, policies, and standards.
- Continually improve awareness of the latest technology trends, mainly as they apply to vulnerability management and technologies used within the company.
- Maintain awareness of new and upcoming vulnerabilities and coordinate across teams to determine the impact.
- Participate in impact assessments to help define prioritization and proper monitoring coverage.
- Develop and maintain automated situational awareness dashboards for leadership and system owners.
- Advocate for policy and technological improvements across the company related to cyber security and vulnerability assessment.
- Manage the vulnerability assessment infrastructure – Tenable.io and Tenable Nessus Scanners.
Qualifications
- Bachelor's Degree in Information Systems Security, Cybersecurity, or related field or equivalent work experience.
- Bachelor's degree with typically 8 years of relevant experience or Master's degree with typically 6 years of relevant experience or typically 12 years of relevant work experience without degree.
- Proven experience in security operations, vulnerability management, or a similar position.
- Experience performing vulnerability assessments on Windows, Linux, networking and other IP devices, mobile environments, and Cloud environments.
- 3+ years of experience utilizing vulnerability scanning technology from companies such as Tenable or Rapid7.
- Experience with vulnerability management practices in AWS, GCP, or Azure.
- Understanding of PCI, GDPR, and SOX compliance is a plus.
- Strong determination and ability to automate common tasks - Python, Ruby, or PowerShell.
- The ability to utilize and process data programmatically, from both static sources and APIs.
Workplace Location
- Location: Remote
- Return to Work Designation: Remote
- Travel: Less than 10% of the year
- Licenses/Certifications: One or more cyber security or audit certifications such as GEVA, CISM, OSCP, CASP, GIAC (or equivalent experience)
Relocation
- No relocation provided
Base Compensation
[[$120,000 - $180,000]] [[USD]]
Most new hires fall within this range and have the opportunity to earn more over time. Initial placement within the salary range, however, is based on an individual's relevant knowledge, skills and experience for the position. UA is committed to helping our teammates succeed and advance in their careers. Base salary is only one component of our competitive Total Rewards package.
Benefits & Perks
- Paid "UA Give Back" Volunteer Days: Work alongside your team to support initiatives in your local community.
- Under Armour Merchandise Discounts
- Competitive 401(k) plan matching.
- Maternity and Parental Leave for eligible and FMLA-eligible teammates
- Health & fitness benefits, discounts and resources- We offer teammates across the country programs to promote physical activity and overall well-being.
Want more details about benefits? Visit our page here
Our Commitment to Diversity
At Under Armour, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion or belief, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, family or paternal status and any other characteristic protected by applicable law. Under Armour believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. Accommodation is available for applicants with disabilities upon request.
Tags: Analytics APIs AWS Azure CASP+ CISM Cloud Compliance GCP GDPR GIAC Linux Monitoring Nessus OSCP PowerShell Python Ruby SOX Vulnerabilities Vulnerability management Windows
Perks/benefits: Competitive pay Fitness / gym Health care Medical leave Parental leave Relocation support
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Operations Analyst jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs