Description:
This a critical technical leadership role within our Information Security team with end-to-end responsibility for strategy, oversight and execution of the KraftHeinz Vulnerability Management and Attack Surface Management capabilities.
What's on the menu?
- Continuously build and execute a strategic vision for the Vulnerability and Attack Surface Management program and its capabilities in alignment with organization’s Information Security and Information Technology programs, program goals and business objectives.
- Drive all efforts necessary to ensure timely identification, analysis, and remediation of vulnerabilities across all IT assets, including applications, servers, networks, and endpoints.
- Establish and maintain strong relationships with key stakeholders, including business capabilities, infrastructure, networking, application development, compliance, communications and other executive and non-executive leadership.
- Continuously monitor and evaluate emerging security threats, trends, and technologies for continuous analysis and improvement of the organization’s vulnerability and attack surface management capabilities.
- Develop and implement processes for continuous attack surface monitoring and reduction, ensuring the organization’s exposure to threats is continuously minimized and optimally protected.
- Oversee the configuration, operation, and maintenance of vulnerability testing and management platforms, attack surface management technologies, and other related tooling.
- Provide technical guidance and support for vulnerability assessments, penetration testing, and attack surface management activities
Recipe for Success Apply Now if this sounds like you!
- I have experience in information security, with at least 5 years in a hands-on vulnerability management and/or attack surface management role.
- I understand the nature of vulnerabilities and weaknesses, and can articulate detection and remediation methods for vulnerabilities to technical and non-technical audiences.
- I have expert-level understanding of vulnerability and attack surface testing and management techniques, processes and platforms.
- I have significant experience in designing, building, testing, implementing and refining workflows of varying complexity.
- I have strong understanding of common security frameworks (e.g., NIST, CIS, ISO).
- I have proven experience in leading and managing security teams, with a track record of developing and executing strategic initiatives.
- I have excellent communication, interpersonal, and leadership skills.