Sysco
Job Summary
We are seeking a hands-on and strategic Vulnerability & Application Security Manager to lead and evolve our security posture across infrastructure and applications. This role is ideal for a technically proficient leader who thrives on solving complex security challenges, actively engages in day-to-day operations, and continuously identifies opportunities to mature and scale our security programs.
Duties and Responsibilities
Scanning, assessment, prioritization, remediation coordination, and tool management (e.g., Tenable, Wiz, Armis).
SDLC integration, SAST/DAST/SCA scans, threat modeling, secure coding collaboration, bug bounty management.
Identifying gaps, implementing automation, improving processes, staying current with threats and technologies.
Developing dashboards and tracking remediation progress, vulnerability trends, and risk posture.
Ensuring adherence to OWASP, NIST, PCI-DSS, HIPAA, and other relevant frameworks.
Mentoring staff, leading analysts/engineers, fostering growth and collaboration.
Qualifications
Education Required:
Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field
Experience Required:
7+ years of experience in cybersecurity, with at least 2 years in a leadership role or vulnerability management
Experience Preferred:
10+ years of experience in cybersecurity, with at least 4 years in a leadership role or vulnerability management
Licenses/Certifications Required:
CISSP, CISM, OSCP, GIAC, or equivalent
Technical Skills and Abilities
Strong knowledge of vulnerability management tools (e.g., Tenable, Wiz, Armis).
Proven hands-on experience with vulnerability management and application security tools and techniques.
Familiarity with CVSS, MITRE ATT&CK, and threat modeling.
Experience with cloud platforms (AWS, Azure, GCP) and container security.
Excellent communication, analytical, and project management skills.
Physical Demands:
Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of this job.
AFFIRMATIVE ACTION STATEMENT:
Applicants must be currently authorized to work in the United States. We are proud to be an Equal Opportunity and Affirmative Action employer, and consider qualified applicants without regard to race, color, creed, religion, ancestry, national origin, sex, sexual orientation, gender identity, age, disability, veteran status or any other protected factor under federal, state or local law. This opportunity is available through Sysco Corporation, its subsidiaries and affiliates.