Manager Vulnerability Cloud Security

Are you looking to Optimize your life? Start your exciting path to a rewarding career today!
We are Optimum, a leader in the fast-paced world of connectivity, and we're on the hunt for enthusiastic professionals to join our team! We understand that connectivity isn't just a luxury anymore - it's a necessity that empowers lives, fuels businesses, and drives innovation. A career at Optimum means you'll be enabling progress and enhancing lives by providing reliable, high-speed connectivity solutions that keep the world connected. We owe our success to our amazing product, commitment to our people and the connections we make in every community.
If you are resourceful, collaborative, team-oriented and passionate about delivering consistent excellence, Optimum is the Company for you!
We are Optimum!
Job Summary
The primary responsibility of the Vulnerability Management & Cloud Security lead role is to build out a holistic vulnerability management program focused on ensuring that vulnerabilities in our environment are quickly identified, triaged, tracked, and appropriately remediated. This role involves working with cross-functional stakeholders to drive remediation and systemic hygiene improvements.
Responsibilities

• Lead and Oversee Vulnerability Management Program: Develop, implement, and continuously improve a comprehensive vulnerability management program. This includes building a VM Working committee, hosting monthly and weekly meetings with stakeholders and driving risk reduction through hands on collaboration and metrics measurement.
• Metrics and Reporting: Establish key performance indicators (KPIs) and metrics to measure the effectiveness of the vulnerability management program
• Provide regular reports and presentations to senior leadership, highlighting program status, progress, and areas for improvement.
• Identifying, assessing, prioritizing, and remediating vulnerabilities across the organization's infrastructure, applications, and systems including cloud environments such as GCP and AWS.
• Enhance the risk management program and align with the cloud operating model currently being defined. This alignment will enable cloud risks to be reported by the relevant teams. Establish robust processes for the ongoing identification, evaluation, and control of risks associated with the Google Cloud Platform.
• Collaborate with the Cloud Engineering team to establish a process that will facilitate the effective identification and monitoring of risks related to the Google Cloud Platform environment.
• Develop the Cloud Security Standard to incorporate robust cloud-specific security requirements and collaborate with the Cloud Engineering team to expand the requirements of the existing Cloud Computing Policy and Cloud Security Standard.
• Cross-Functional Collaboration: Work closely with security, IT, development, and operations teams to ensure effective identification, communication, and remediation of vulnerabilities
• Foster strong relationships to align vulnerability management efforts with business objectives and risk management strategies
• Tracking and following up on findings with asset owners to ensure that vulnerabilities are remediated or receive proper tracking and approved exceptions.
• Providing regular reports and updates to senior management on the status of the vulnerability management program, including progress on remediation efforts and any critical vulnerabilities requiring immediate attention.
• Risk Assessment and Prioritization: Conduct regular risk assessments to evaluate the potential impact of identified vulnerabilities
• Prioritize remediation efforts based on risk, business impact, and regulatory requirements to ensure the most critical vulnerabilities are addressed promptly

Qualifications

• Requires 10 or more years of related cybersecurity experience
• 7+ years of experience in information security, with at least 3 years specifically focused on vulnerability management; including experience with vulnerability assessment tools and methodologies that must include at least one cloud environment
• Vulnerability Management experience within major cloud environments (AWS, Azure, GCP, etc.)
• Familiarity with security frameworks and standards, such as NIST, ISO 27001, OWASP Top 10, or CIS Critical Security Controls.
• Proven track record of being a self- driven, independent leader that can build a program and gather stakeholders to accomplish shared goals
• In-depth knowledge of various operating systems (Windows, Linux, macOS), network protocols, application security and cloud security
• Proficiency in using vulnerability scanning tools (e.g., Tenable, Nessus, Xpanse, etc.) and security information and event management (SIEM) systems
• Strong understanding of risk management principles and practices
• Ability to assess and prioritize vulnerabilities based on risk and business impact
• A minimum of one recognized security certification, such as CISSP, CISM, or OSCP
• Experience with industry-standard enterprise vulnerability scanning offerings, such as Qualys, Tenable, or RiskIQ and Attack Surface Management platforms
• Bachelor's degree in Computer Science or related discipline

At Optimum, we're fueled by our four core pillars: Taking Ownership, Upholding Transparency, Creating Community, and Demonstrating Expertise. Our commitment to empowering employees to take responsibility and embrace proactive problem-solving underpins Taking Ownership. Upholding Transparency is at the core of our culture, with open and honest communication fostering trust among our dedicated team and loyal customers. Creating Community is more than a goal; it's our daily commitment to fostering an environment of collaboration, innovation, and positivity. Demonstrating expertise is a promise we uphold through continuous learning and engagement with our customers to consistently deliver top-quality products and services. These pillars not only shape our culture but define Optimum as a place of excellence, trustworthiness, and thriving community, and we invite you to be a part of our journey.
If you have the drive to succeed and are ready to embark on a thrilling career, seize this opportunity today, and join our winning team, so together, we'll shape the future of connectivity.
All job descriptions and required skills, qualifications and responsibilities for a particular position are subject to modification by the Company from time to time, in the Company's discretion based on business necessity.
We are an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.
The Company collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.
Applicants for employment with The Company will never be asked to provide money (even if reimbursable) as part of the job application or hiring process. Please review our Fraud FAQ for further details.
This position is identified as being performed in/or reporting to company operations in New York State. Salary ranges are supplied in compliance with New York State law. Pay is competitive and based on a number of job-related factors, including skills and experience. The starting pay rate/range at time of hire for this position in the posted location is $123,379.00 - $202,694.00 / year. The rate/range provided herein is the anticipated pay at the time of hire, and does not reflect future job opportunity.
Nearest Major Market: Long Island
Nearest Secondary Market: New York CIty