This role is 100% onsite - Minneapolis, MN area. Full time salaried role.
We are seeking a highly motivated and experienced Security Vulnerability Manager to lead the design and execution of the vulnerability management program. This role requires a hands-on approach initially, focusing on backend process clean-up, building robust workflows, and partnering closely with the applications team. The ideal candidate will also develop and implement the ADR/MDR process, collaborating with Managed Service Providers (MSPs) for execution.
Program Leadership and Development:
- Design, implement, and manage a comprehensive vulnerability management program.
- Build and optimize the ADR/MDR process, collaborating with internal teams and external MSPs.
- Establish and automate patching processes for both Windows and Linux environments.
Technical Oversight:
- Oversee discovery, evaluation, and remediation of security vulnerabilities.
- Manage and maintain vulnerability scanning and patching tools (e.g., MS SCCM, RedHat Satellite).
- Conduct regular vulnerability assessments and penetration tests.
- Administer Endpoint Detection and Response (EDR) solutions such as Microsoft Defender, CrowdStrike, and Tanium.
- Perform threat hunting, ensuring alignment with organizational security goals.
Risk Analysis and Reporting:
- Analyze vulnerability data to assess risks and recommend mitigation strategies.
- Develop dashboards to track and communicate program metrics to stakeholders.
- Stay abreast of emerging security threats and adjust the program accordingly.
Collaboration and Communication:
- Partner with cross-functional teams to ensure timely remediation of vulnerabilities.
- Provide insights on emerging threats and mitigating controls.
- Lead efforts to meet regulatory and compliance requirements using frameworks like NIST CSF.
QUALIFICATIONS
Education and Experience:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
- 8+ years of experience in vulnerability management, security operations, and process building.
- Proven expertise in leading end-to-end vulnerability management programs.
Technical Skills:
- Hands-on experience with vulnerability and patch management tools (e.g., SCCM, RedHat Satellite).
- Strong background in EDR tools, including deployment, configuration, and threat hunting.
- Proficiency in risk assessment and prioritization frameworks.
Frameworks and Methodologies:
- Solid understanding of the NIST CSF Framework and operational security disciplines.
Soft Skills:
- Exceptional communication and interpersonal skills.
- Strong problem-solving and collaboration abilities.
- Self-starter with a proactive approach to identifying and resolving security risks.