Description

*Job Summary:* As the Manager of Vulnerability Management you will paly a key role in the success of the vulnerability and configuration management program by identifying security risks, prioritizing actions based on intelligence-driven processes, and proactively responding to emerging threats. This role will be the face of the program and will oversee a managed service provider that performs the day-to-day functions of the vulnerability and configuration management program. *Responsibilities:* * Provide oversight and direction to managed service provider to work on vulnerability and configuration scans, analysis, and reporting to support the organization. * Develop strategy for a risk-based vulnerability management program for the organization. * Collaborate closely with cross-functional teams to facilitate the timely remediation of vulnerabilities and misconfigurations, with a strong focus on effectiveness and risk management. * Partner with Cyber Threat Intelligence, the Cybersecurity Incident Response team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect and remediate vulnerabilities. * Determine tools and resources needed to support the organization's need to identify and prioritize vulnerability and configuration deficiencies. * Establish organization secure configuration standards across operating systems, applications, and devices *Ideal Candidates Will Have Experience:* * Managing a team or Managed Service Provider * Vulnerability and configuration management within healthcare environment * Using ServiceNow Vulnerability Response module * Contributing or developing polices or standards *BENEFITS* Our benefits are designed to help you live well no matter where you are on your journey. For full details on coverage and eligibility, visit the Baylor Scott & White Benefits Hub to explore our offerings, which may include: * *Immediate eligibility for health and welfare benefits* * *401(k) savings plan with dollar-for-dollar match up to 5%* * *Tuition Reimbursement* * *PTO accrual beginning Day 1* Note: Benefits may vary based upon position type and/or level *Preferred Certifications:* * Certified Information Systems Professional (CISSP) * Certified Information Security Manager (CISM) * CompTIA Advanced Security Practitioner (CASP+) *Preferred Qualifications* * BS Degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree or 5 years equivalent technology experience * 5+ years' experience in information security in an enterprise environment * 3+ years' experience assessing and implementing vulnerability management tools, vulnerability scan configurations, vulnerability reporting, and vulnerability remediation in an enterprise environment. * Knowledge of common software, operating systems vulnerabilities, Unix/Lenux * Strong experience with Vulnerability Management Platforms such as Tenable, Qualys, Rapid7, in a large corporate environment. * Experience with Center for Internet Security (CIS) benchmarks for secure configurations. * Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk. * Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK * Strong experience in reading and understanding vulnerability scans * Experience creating and running authenticated and unauthenticated scans * Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media). * Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization *Minimum Qualifications* * EDUCATION - Bachelor's or 11 years of work experience * EXPERIENCE - 7 Years of Experience * Demonstrated experience in healthcare preferred