Apply on Employer Site

Delta Dental Ins. · 1 day ago

Expert (Staff) Vulnerability Management Engineer

United States

Full-time

Remote

Senior Level, Lead/Staff

$141K/yr - $305K/yr

7+ years exp

Delta Dental Ins. is dedicated to safeguarding the health and financial stability of its employees and their loved ones. They are seeking an Expert (Staff) Vulnerability Management Engineer to join their Enterprise Vulnerability Management team, responsible for planning, developing, and implementing enterprise-scale vulnerability management solutions to address security needs.

Health CareHealth InsuranceInsurance

No H1B

Responsibilities

Performs vulnerability management capability assessments, process development and refinement activities, technology capability assessments, and solution design and implementation projects that ensure the security of the enterprise environment

Leads strategic planning activities informed by capability assessments which holistically address current and future maturity states of vulnerability management capabilities. Builds strong narratives to drive decision-making and educates leadership stakeholders on proposed plans

Serves as a security expert in vulnerability management solutioning, including vulnerability identification, assessment, and validation for CI/CD pipelines, cloud environments, and infrastructure

Engages with enterprise architects, security specialists, technology engineers, and other functional area specialists to ensure that enterprise technologies and security solutions are correctly configured and deployed to sufficiently mitigate identified risks and meet requirements for the enterprise, customers, partners, and vendors

Exercises thought leadership in the creation and maintenance of vulnerability management capabilities, processes, procedures, technologies, and technical capability requirements

Creates and maintains a view of IT assets, related attack surfaces, and emerging vulnerabilities to illustrate the flow of data and associated security threats

Manages the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation

Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks

Serves as an expert in platform, application, storage, network, virtualization, cloud, and mobile security best practices

Develops leadership-level communications, including board of director and executive metrics, business cases, standards, policies, procedures, architecture design documents, etc

Communicates and interacts effectively with leadership, management, co-workers, internal and external customers, and partners. Communicates strategic planning narratives and design, as well as implementation plans, to both technical and non-technical audiences

Focuses on building stakeholder partnerships and offers support to other contributors within the Technology Org

Contributes to team culture by modeling integrity, inclusivity, accountability, and collaboration

Educates, coaches, and mentors junior team members and expands the team's overall skill sets

Qualification

CybersecurityVulnerability ManagementMicrosoft AzureSecurity TheoryRisk QuantificationProgramming LanguagesData AnalyticsStrategic PlanningCommunication SkillsTeam Collaboration

Required

7+ years of professional experience in Cybersecurity domain with a Bachelor's degree in Computer Science, Information Security, or a related field; an equivalent combination of education and experience will also be considered

8+ years of combined hands-on cybersecurity and vulnerability management development and implementation work. Experience with a broad exposure to cloud, infrastructure, network, and multi-platform environments

2+ years of hands-on experience assessing vulnerabilities and using contextual risk to prioritize remediation efforts

2+ years of experience in responding to zero-day and high-profile vulnerabilities

2+ years of experience in cybersecurity solution engineering or security service delivery

2+ years of leadership experience with planning and managing cybersecurity implementations and/or leading a team of technical resources. This role will require the management of several (2 to 4) concurrent large-scale vulnerability management capability development projects

A strong, complete, and working understanding of Microsoft Azure cloud and foundational cloud concepts

A robust understanding of contemporary security theory and application, including the vulnerability lifecycle, scanning methodologies (SAST, DAST, IAST, RASP), exploitation techniques, and attack vectors

Strong understanding of systems development lifecycle to lead multifunctional projects or initiatives

A robust understanding of vulnerability scoring systems (CVSS), security benchmarks (CIS, NIST), and risk quantification techniques

Excellent written and verbal communication skills (including technical writing)

Excellent communication and presentation skills, with the ability to convey technical concepts to diverse audiences and a strong emphasis on listening and understanding stakeholder needs

Ability to develop executive communications and interact with senior leadership

Strong ability to build trust, partnerships, and mutual support across many diverse teams

Strong strategic planning, maturity assessment, analytical and problem-solving skills; ability to examine issues both strategically and analytically

Adaptive and demonstrated ability to learn quickly

Ability to interact well with co-workers and outside contacts

Ability to work collaboratively in a team environment

Ability to work on multiple, simultaneous initiatives and prioritize workload to meet commitments

Self-motivated with a strong sense of urgency

History of and commitment to ethical behavior