Associate Director, Security Vulnerability Program Manager

Boston, MA

Applications have closed

Wayfair Inc.

Shop Wayfair for A Zillion Things Home across all styles and budgets. 5,000 brands of furniture, lighting, cookware, and more. Free Shipping on most items.

View company page

Associate Director, Security Vulnerability Program Manager 

 

Who We Are: 

 

Wayfair believes everyone should live in a home they love. Through technology and innovation, we make it possible for shoppers in the US, UK, Germany, and Canada to quickly and easily find exactly what they want from a selection of more than 20 million items across home furnishings, decor, home improvement, housewares, and more. Committed to delighting our customers every step of the way, Wayfair is reinventing the way people shop for their homes – from product discovery to final delivery.

 

Reporting to the Global Head of Security Operations, you will work closely with stakeholders to design, build and lead Global Vulnerability Management Program. You will be responsible for the building and executing of the program’s strategy by ensuring continuous vulnerability lifecycle management within the Wayfair environment including scanning, monitoring, collection, reporting, and assessment of impact for vulnerability related data from both the internal environment and 3rd party providers.


What You’ll Be Doing

  • Develop, own, and execute on the Wayfair Vulnerability Management strategy
  • Direct on-going vulnerability assessments, penetration tests, and application and network security scans. Direct assessment efforts in a prioritized fashion, seeking breadth and depth of coverage where appropriate.
  • Monitor security vulnerability/threat intel to anticipate new security threats and attack vectors
  • Develop, implement, and manage the Computer Incident Response Plan and oversee electronic discovery and forensic investigations.
  • Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
  • Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions
  • Develop and own vulnerability assessments and scanning scheduling and execution
  • Providing mentorship, coaching, performance management and support to team members with regard to vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development
  • Identify and drive improvements to cybersecurity and business resilience
  • Foster working relationships with divisional/subsidiary business and IT customers to deliver value to the business
  • Provide relevant and actionable reporting to stakeholders and executive management. 
  • Collaborate with industry and partner organizations to identify threat trends and best practices

What You Will Need To Be Successful

  • Bachelors and/or Masters Degree in Information Security, Engineering, Computer Science, etc. (or equivalent professional experience)
  • 10+ years experience in vulnerability management or related field such as IT/network incident triage response and remediation
  • Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations
  • Familiar with industry standard security best practices and vulnerability management processes including compliance reporting
  • Excellent analytical and problem solving skills  
  • Ability to act as a strategist and champion for security; paints a compelling picture of the vision and strategy that motivates others to act
  • High level of credibility, with an accomplished background in security, in a variety of industries
  • Ability to build and develop the appropriate team that delivers on key objectives and navigates the security landscape
  • Ability to build constructive relationships with diverse groups of people, including internal and external stakeholders
  • Experience working with legal, risk, and audit teams to ensure strong cooperation and collaboration
  • Excellent communication and listening skills
  • A commitment to customer service excellence
  • Ability to drive results and champions change

About Wayfair Inc.

Wayfair is one of the world’s largest online destinations for the home. Whether you work in our global headquarters in Boston or Berlin, or in our warehouses or offices throughout the world, we’re reinventing the way people shop for their homes. Through our commitment to industry-leading technology and creative problem-solving, we are confident that Wayfair will be home to the most rewarding work of your career. If you’re looking for rapid growth, constant learning, and dynamic challenges, then you’ll find that amazing career opportunities are knocking.

No matter who you are, Wayfair is a place you can call home. We’re a community of innovators, risk-takers, and trailblazers who celebrate our differences, and know that our unique perspectives make us stronger, smarter, and well-positioned for success. We value and rely on the collective voices of our employees, customers, community, and suppliers to help guide us as we build a better Wayfair – and world – for all. Every voice, every perspective matters. That’s why we’re proud to be an equal opportunity employer. We do not discriminate on the basis of race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, or genetic information.

Tags: Agile Cloud Compliance Computer Science Exploits Incident response Monitoring Network security Strategy Vulnerabilities Vulnerability management

Perks/benefits: Career development Startup environment

Region: North America
Country: United States
Job stats:  5  0  0
Category: Leadership Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.