Deckers BrandsRemote
Lead Vulnerability Management Security Engineer
United States of America
Full-time
1 week ago
$120,000 - $130,000 USD
H1B Sponsor Likely
Key skills
Vulnerability managementSecurity frameworksVulnerability management toolsRisk-based assessmentsSecurity professional certificationScripting languagesAnalytical skillsCommunication skillsCollaborative mindsetStrategic thinkerPythonPowerShellCommunication
About this role
Deckers Brands is committed to safeguarding its people, products, and platforms, and is seeking a Lead Vulnerability Management Security Engineer to set the strategic direction for vulnerability management. The role involves collaborating with teams to identify, assess, and remediate security risks, while driving the adoption of advanced technologies to enhance security measures.
Responsibilities:
- Lead the review and analysis of vulnerability data to identify trends, patterns, and key risks across Deckers’ global environment
- Facilitate vulnerability management meetings and drive risk-based discussions to prioritize and accelerate remediation efforts
- Advise and support remediation teams in developing actionable plans to address vulnerabilities and strengthen our security posture
- Perform risk-based assessments for both on-premise and cloud-based services, ensuring robust protection for critical assets
- Integrate advanced security technologies and automation tools to enhance threat detection and response capabilities
- Build and present business cases for adopting new security solutions to mitigate emerging risks
- Develop, consolidate, and maintain security metrics to measure the effectiveness of our cybersecurity program
- Apply industry-leading frameworks (NIST, ISO27001/2, CIS Top 20 Controls) to establish and maintain best-in-class security measures
- Foster strong relationships with technical teams, serving as a trusted advisor and championing a culture of security awareness
- Contribute to the strategic direction of the Technical Security team by designing and implementing tools that enhance customer trust and detect suspicious activity
Requirements:
- BA/BS degree or equivalent experience in a relevant field
- 4+ years of hands-on experience in vulnerability management, including scanning, assessment, and remediation
- Proven success in starting and growing a vulnerability management program
- Proficiency with leading vulnerability management tools (Tenable, CrowdStrike) and scripting/automation languages (PowerShell, Python)
- Deep understanding of security frameworks and compliance standards (NIST, ISO27001/2, CIS Top 20 Controls, PCI-DSS, HIPAA)
- Strong analytical skills to identify patterns, trends, and actionable insights from complex vulnerability data
- Excellent communication skills for reporting and stakeholder engagement
- Collaborative mindset with the ability to serve as a trusted advisor across cross-functional teams
- Self-driven, strategic thinker with a passion for advancing cybersecurity programs
- Security professional certification (CISSP, CVA, GEVA, or similar)