Baylor Scott & White Health
Manager of Vulnerability Management
Baylor Scott & White Health, Dallas, Texas, United States, 75215
Job Summary
As the Manager of Vulnerability Management you will play a key role in the success of the vulnerability and configuration management program by identifying security risks, prioritizing actions based on intelligence-driven processes, and proactively responding to emerging threats. This role will be the face of the program and will oversee a managed service provider that performs the day-to-day functions of the vulnerability and configuration management program. Responsibilities
Provide oversight and direction to a managed service provider to work on vulnerability and configuration scans, analysis, and reporting to support the organization. Develop strategy for a risk-based vulnerability management program for the organization. Collaborate closely with cross-functional teams to facilitate the timely remediation of vulnerabilities and misconfigurations, with a strong focus on effectiveness and risk management. Partner with Cyber Threat Intelligence, the Cybersecurity Incident Response team, and technology remediation groups to deliver shared outcomes that measurably improve our ability to detect and remediate vulnerabilities. Determine tools and resources needed to support the organization\'s need to identify and prioritize vulnerability and configuration deficiencies. Establish organizational secure configuration standards across operating systems, applications, and devices. Ideal Candidates Will Have Experience
Managing a team or Managed Service Provider Vulnerability and configuration management within a healthcare environment Using ServiceNow Vulnerability Response module Contributing to or developing policies or standards Benefits
Our benefits are designed to help you live well no matter where you are on your journey. For full details on coverage and eligibility, visit the Baylor Scott & White Benefits Hub to explore our offerings, which may include: Immediate eligibility for health and welfare benefits 401(k) savings plan with dollar-for-dollar match up to 5% Tuition Reimbursement PTO accrual beginning Day 1 Preferred Certifications
Certified Information Systems Professional (CISSP) Certified Information Security Manager (CISM) CompTIA Advanced Security Practitioner (CASP+) Preferred Qualifications
BS Degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree or 5 years equivalent technology experience 5+ years\' experience in information security in an enterprise environment 3+ years\' experience assessing and implementing vulnerability management tools, vulnerability scan configurations, vulnerability reporting, and vulnerability remediation in an enterprise environment Knowledge of common software and operating system vulnerabilities; Unix/Linux Strong experience with Vulnerability Management Platforms such as Tenable, Qualys, Rapid7 in a large corporate environment Experience with Center for Internet Security (CIS) benchmarks for secure configurations Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK Strong experience in reading and understanding vulnerability scans Experience creating and running authenticated and unauthenticated scans Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media) Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization Minimum Qualifications
EDUCATION - Bachelor\'s degree or 11 years of work experience EXPERIENCE - 7 Years of Experience Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Hospitals and Health Care
#J-18808-Ljbffr
As the Manager of Vulnerability Management you will play a key role in the success of the vulnerability and configuration management program by identifying security risks, prioritizing actions based on intelligence-driven processes, and proactively responding to emerging threats. This role will be the face of the program and will oversee a managed service provider that performs the day-to-day functions of the vulnerability and configuration management program. Responsibilities
Provide oversight and direction to a managed service provider to work on vulnerability and configuration scans, analysis, and reporting to support the organization. Develop strategy for a risk-based vulnerability management program for the organization. Collaborate closely with cross-functional teams to facilitate the timely remediation of vulnerabilities and misconfigurations, with a strong focus on effectiveness and risk management. Partner with Cyber Threat Intelligence, the Cybersecurity Incident Response team, and technology remediation groups to deliver shared outcomes that measurably improve our ability to detect and remediate vulnerabilities. Determine tools and resources needed to support the organization\'s need to identify and prioritize vulnerability and configuration deficiencies. Establish organizational secure configuration standards across operating systems, applications, and devices. Ideal Candidates Will Have Experience
Managing a team or Managed Service Provider Vulnerability and configuration management within a healthcare environment Using ServiceNow Vulnerability Response module Contributing to or developing policies or standards Benefits
Our benefits are designed to help you live well no matter where you are on your journey. For full details on coverage and eligibility, visit the Baylor Scott & White Benefits Hub to explore our offerings, which may include: Immediate eligibility for health and welfare benefits 401(k) savings plan with dollar-for-dollar match up to 5% Tuition Reimbursement PTO accrual beginning Day 1 Preferred Certifications
Certified Information Systems Professional (CISSP) Certified Information Security Manager (CISM) CompTIA Advanced Security Practitioner (CASP+) Preferred Qualifications
BS Degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree or 5 years equivalent technology experience 5+ years\' experience in information security in an enterprise environment 3+ years\' experience assessing and implementing vulnerability management tools, vulnerability scan configurations, vulnerability reporting, and vulnerability remediation in an enterprise environment Knowledge of common software and operating system vulnerabilities; Unix/Linux Strong experience with Vulnerability Management Platforms such as Tenable, Qualys, Rapid7 in a large corporate environment Experience with Center for Internet Security (CIS) benchmarks for secure configurations Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK Strong experience in reading and understanding vulnerability scans Experience creating and running authenticated and unauthenticated scans Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media) Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization Minimum Qualifications
EDUCATION - Bachelor\'s degree or 11 years of work experience EXPERIENCE - 7 Years of Experience Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Hospitals and Health Care
#J-18808-Ljbffr