Cyber Vulnerability Lead

Phoenix, AZ, United States

Cyber Vulnerability Lead

Date: Apr 17, 2024

Location: Remote, US

Company: Under Armour

Values & Innovation

At Under Armour, we are committed to empowering those who strive for more, and the company's values - Act Sustainably, Celebrate the Wins, Fight on Together, Love Athletes and Stand for Equality - serve as both a roadmap for our teams and the qualities expected of every teammate.

Our Values define and unite us, the beliefs that are the red thread that connects everyone at Under Armour. Our values are rallying cries, reminding us why we're here, and fueling everything we do.

Our pursuit of better begins with innovation and with our team's mission of being the best. With us, you get the freedom to go further - no matter your role. That means developing, delivering, and selling the state-of-the-art products and digital tools that make top performers even better.

If you are a current Under Armour teammate, apply to this position on theInternal Career Site Here. (https://performancemanager8.successfactors.com/sf/careers/jobsearch?bplte_company=ua&_s.crb=aNMP8gWoYkBDFn%252bz2BldysgcgQHZpVs6tHzE9smSuXE%253d)

Purpose of Role

The Lead, Vulnerability Management will be responsible for developing, coordinating, and streamlining the vulnerability management program at Under Armour. This individual should be an experienced cyber security professional with a strong understanding of how to create and lead vulnerability management programs. The Lead is ultimately responsible for ensuring our business units can be measured towards compliance set by Under Armour policy and directives. You will be responsible for generating reports for senior leaders and business units across Under Armour. This role is an opportunity to make a visible impact across Under Armour.

Your Impact

Manage the Vulnerability Management program as a leader and subject matter expert.

Perform vulnerability assessments by both manual and automated methods.

Understand, design, and develop vulnerability mitigation strategies, prioritize identified vulnerabilities, and manage risk associated with vulnerabilities.

Establish and drive metrics, analytics, reporting, and a roadmap for continual program improvement.

Author vulnerability management guidelines, processes, policies, and standards.

Continually improve awareness of the latest technology trends, mainly as they apply to vulnerability management and technologies used within the company.

Maintain awareness of new and upcoming vulnerabilities and coordinate across teams to determine the impact.

Participate in impact assessments to help define prioritization and proper monitoring coverage.

Develop and maintain automated situational awareness dashboards for leadership and system owners.

Advocate for policy and technological improvements across the company related to cyber security and vulnerability assessment.

Manage the vulnerability assessment infrastructure – Tenable.io and Tenable Nessus Scanners.

Qualifications

Bachelor's Degree in Information Systems Security, Cybersecurity, or related field or equivalent work experience.

Bachelor's degree with typically 8 years of relevant experience or Master's degree with typically 6 years of relevant experience or typically 12 years of relevant work experience without degree.

Proven experience in security operations, vulnerability management, or a similar position.

Experience performing vulnerability assessments on Windows, Linux, networking and other IP devices, mobile environments, and Cloud environments.

3+ years of experience utilizing vulnerability scanning technology from companies such as Tenable or Rapid7.

Experience with vulnerability management practices in AWS, GCP, or Azure.

Understanding of PCI, GDPR, and SOX compliance is a plus.

Strong determination and ability to automate common tasks - Python, Ruby, or PowerShell.

The ability to utilize and process data programmatically, from both static sources and APIs.

Workplace Location

Location: Remote

Return to Work Designation: Remote

Travel: Less than 10% of the year

Licenses/Certifications: One or more cyber security or audit certifications such as GEVA,CISM, OSCP, CASP, GIAC (or equivalent experience)

Relocation

No relocation provided

Base Compensation

$120,000.00 - $165,000.00 USD

Most new hires fall within this range and have the opportunity to earn more over time. Initial placement within the salary range, however, is based on an individual's relevant knowledge, skills and experience for the position. UA is committed to helping our teammates succeed and advance in their careers. Base salary is only one component of our competitive Total Rewards package.

Benefits & Perks

Paid "UA Give Back" Volunteer Days: Work alongside your team to support initiatives in your local community.

Under Armour Merchandise Discounts

Competitive 401(k) plan matching.

Maternity and Parental Leave for eligible and FMLA-eligible teammates

Health & fitness benefits, discounts and resources- We offer teammates across the country programs to promote physical activity and overall well-being.

Want more details about benefits? Visit our page here (https://usbenefitsoverview.underarmour.com/)

Our Commitment to Diversity

At Under Armour, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion or belief, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, family or paternal status and any other characteristic protected by applicable law. Under Armour believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. Accommodation is available for applicants with disabilities upon request.