VMware Sr. Manager, Vulnerability Management in Farmers Branch, Texas

The VMware Vulnerability Management team is responsible for proactively identifying and managing the remediation of vulnerabilities affecting VMware infrastructure and services. The Sr. Manager, Vulnerability Management is a technical management role responsible for leading the Vulnerability Management team in vulnerability detection and assessment, penetration testing, and driving vulnerability remediation. The ideal candidate will have strong leadership experience managing vulnerability remediation programs.

This position is responsible for:

  • Leading and supporting the Vulnerability Management team, effectively driving team strategy, goals, and performance objectives.

  • Overall accountability for development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities.

  • Establishing daily operations, regular communications, resource planning, providing guidance, relaying leadership expectations and leading team initiatives and activities.

  • Providing communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability Management team with customers and partners.

  • Developing and maintaining strong partnerships with other teams to drive end-to-end vulnerability remediation, ensure consistent customer experience, convey a positive and professional demeanor, and be a positive catalyst for leading change.

  • Assisting with strategic planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements.

  • Driving requirements definition, evaluation, recommendation, implementation, and troubleshooting of tools used by the Vulnerability Management team.

  • Directing ongoing vulnerability assessments and penetration tests.

  • Supporting compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks.

  • Provide technical expertise for VMware information security policies and standards.

  • Maintaining current knowledge and understanding of the threat landscape and emerging security threats and vulnerabilities.

  • Establishing team and individual goals that support team objectives, coaching and mentoring, and providing career development guidance.

  • Maintaining a high level of confidentiality.

Required skills and experience:

  • 8-10 years of experience working in vulnerability management.

  • 8 years of related information security management experience.

  • Experience managing vulnerability management and security testing for cloud services (Amazon Web Services, Microsoft Azure, Google Cloud Platform).

  • Experience managing vulnerability scanning tools (Nessus, Qualys, AppScan, Trustwave, Burp Suite, Nipper) and vulnerability management platforms (RiskVision, Kenna Security).

  • Strong understanding of vulnerability management and security testing practices and methodologies.

  • Strong understanding of cloud computing and security issues related to cloud environments.

  • Strong understanding of common vulnerability frameworks (CVSS, OWASP Top 10).

  • Strong understanding of Internet security and networking protocols.

  • Understanding of system, application, and database hardening techniques and practices.

  • Ability to evaluate business risks and recommend appropriate information security measures.

  • Ability to interact effectively at all levels of an organization and across diverse cultural and linguistic barriers.

  • Ability to quickly adapt as the external environment and organization evolves.

  • Ability to prioritize projects and deliverables.

  • Comfortable facing new challenges and changes in direction.

  • Self-motivated, team player, and detail oriented.

  • Positive and constructive attitude.

  • Excellent written and verbal communications.

  • Availability outside working hours for high priority events.

  • Some travel required.

Desired skills/experience/certification:

  • Bachelor’s degree or equivalent experience, Master’s degree desirable.

  • Security certifications such as CISSP, CISSP-ISSMP, CISM, CRISC.

  • Project management experience.

VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.