Senior Manager Vulnerability Management
Dallas, TX, US, 75254
Southern Glazer's Wine & Spirits
Southern Glazer's is the premier beverage distributor for wines, spirits, beer, and non-alcoholic products in the U.S. and Canada.What You Need To Know
Open the door to a groundbreaking tech career with an industry leader. Southern Glazer’s Wine & Spirits is North America’s preeminent wine and spirits distributor, as well as a family-owned, privately held company with a 50+ year legacy of success. To create a new era in alcohol beverage sales and service, we’re heavily invested in the most transformative new technologies – and the most brilliant tech professionals. Southern Glazer’s was named by Newsweek as a Most Loved Workplace and is included on the Forbes lists for Largest Private Companies and Best Employers for Diversity.
As a full-time employee, you can choose from a full menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan. We also offer tuition reimbursement, a wellness program, parental leave, vacation accrual, paid sick leave, and more.
We offer continuous learning and career growth in a fast-paced environment where you are respected, your voice is heard, and technology is part of our strategy for success. If you’re looking to fill your glass with opportunity, come join our FAMILY.
Overview
The Senior Manager, Vulnerability Management role will manage the Vulnerability Management team. This position is responsible for leading a team of Vulnerability Management professionals that identify, assess, and partner with other teams and application owners to remediate security vulnerabilities. This role will work closely with other teams and application owners to provide guidance on patching software and hardware vulnerabilities that have been identified in Enterprise and OT environments.
Specialized Skills and Technologies
- Proficient in using vulnerability scanning and assessment tools for OT and Enterprise Environments
- Able to communicate the impact of a vulnerability effectively including what it affects, how it is exploited, and the result of exploitation
- Possess deep understanding of multiple Operating Systems (Windows, Linux, AIX, etc.) and how vulnerabilities impact them
- Solid knowledge of current and emerging technologies
- Excellent teaching, problem-solving, communication, and interpersonal skills
- Solid understanding of networking, systems, and security related technologies
- Extensive knowledge of cybersecurity principles, threats, and attack types
- Solid understanding of security frameworks such as NIST, ISO 27001, etc.
- Understanding of how to perform incident response and assist in investigations with relation to an exploited vulnerability
- Knowledge of vulnerability information sources and how they are used is mandatory
- Ability and desire to lead and the flexibility to also share the duties of the technical team
- Willingness to mentor, train, and share knowledge with peers
- Ability to build and maintain relationships, provide mentorship, and present ideas in an effective manner
- Ability to utilize staff strengths, develops staff in weak areas, and constructively address staff performance problems
Primary Responsibilities
- Develops and maintains a vulnerability management strategy to include patching strategies, prioritization of vulnerabilities, and ensuring remediation SLAs are met
- Works closely with system administrators, developers, and application owners to ensure remediation is performed within the SLA window
- Utilizes vulnerability scanning tools and software to identify vulnerabilities
- Present reports that document upwards and downward trends, remediation efforts, and progress to management
- Manages internal operations projects that may require cross-department resources and coordination
- Provides analysis and prioritization of vulnerabilities based on severity, impact, and exploitability
- Manages all facets of vulnerability management including Operational Technology (OT) environments
- Detects and responds to security threats by implementing various continuous monitoring tools in major cloud environments
- Follows up with teams responsible for patching to ensure vulnerabilities are being addressed in a timely manner
- Ensures that vulnerability management processes are followed and aligned with internal security policies and best practices
- Collaborates with other security teams to ensure policies, procedures, and standards are in place and maintained
- Analyzes activities and documented resolutions, identifies problem areas, devise, and deliver solutions to enhance quality of service and prevent future issues
- Defines key operational metrics, develop reporting, and sets targets to continuously improve
- Directs and participates in Information Security projects and supports team efforts for day-to-day operations
- Sets staff goals and training, defines technology priorities, and develops long-term strategies to manage and scale the information security program
- Supervises one or more staff and provides them with technical guidance and mentoring
- Aggressively automates repeated tasks to allow the team to scale with the organization’s growth
- Communicates and acts as liaison with end users and colleagues
- Communicates progress on priorities and budget to management and team
- Serves as a member of the team as a technical leader
- Serves as a subject matter expert inside of SGWS and assists with complex issues pertaining to vulnerability management as needed
- Participates in on-call rotation
- Recruits staff including interviewing, hiring, assigning work, training, coaching, and counseling ensuring consistent application of Employee Guidelines, processes, and procedures
- Conducts performance reviews and holds employees accountable for optimal performance of their responsibilities
- Organizes the Vulnerability Management team to ensure it is focused on the information security related needs, goals, and concerns of our business
- Provides feedback on performance throughout the year, initiates performance plans and disciplinary actions at appropriate times, plans ahead to prepare and present appraisal to salaried employees
Preferred Qualifications
- Master’s Degree
- Active CISSP or other relevant security-related certification
- Scripting and/or programming skills
Minimum Qualifications
- Bachelor’s degree and formal education in relevant disciplines (Business, Engineering, Information Systems, Computer Science, Mathematics or relevant degree)
- Minimum 12 years of experience working with technical configurations and varying technologies in a fast-paced environment
- Minimum 7 years of experience in managing a team of Information Technology professionals
- Critical and creative thinker
- Problem Solver
- Strategic Thinker
- Excellent presentation and facilitation skills
- Adaptable and able to manage change
- Superior interpersonal, communication and presentation skills
- Demonstrates ability to monitor project progress by tracking activities, issues/ risks/dependencies, and provides recommendation for resolution
- Business Acumen
- Effective Communication
Agile Delivery Values
- Openness – Team and stakeholders agree to be open about all work and challenges
- Commitment – Personally commit to achieving the goals of the team
- Respect – Respect your team members to be capable and independent
- Courage – You have courage to do the right thing and work on tough problems
- Focus – Everyone focus on the work in the sprint and the goal of the scrum team. Rise and fall as a team
Physical Demands
- Physical demands include a considerable amount of time sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or mobile device
- Physical demands with activity or condition may occasionally include walking, bending, reaching, standing, squatting, and stooping
- May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs
EEO Statement
Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Southern Glazer's Wine and Spirits provides competitive compensation based on estimated performance level consistent with the past relevant experience, knowledge, skills, abilities and education of employees. Unless otherwise expressly stated, any pay ranges posted here are estimates from outside of Southern Glazer's Wine and Spirits and do not reflect Southern Glazer's pay bands or ranges.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile CISSP Cloud Computer Science Incident response ISO 27001 Linux Mathematics Monitoring NIST Scripting Scrum SLAs Strategy Teaching Vulnerabilities Vulnerability management Windows
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Health care Insurance Medical leave Parental leave Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs