Manager, Threat & Vulnerability
BWAY

Job Info

---

Job Description

Plant Name: Atlanta Headquarters - 105050

Requisition ID:009145--Corp

Mauser Packaging Solutions is a global leader in solutions and services across the packaging lifecycle, providing large and small metal, plastic, fiber and hybrid packaging worldwide to companies in industries from food, beverage, personal care and pharmaceuticals to chemicals, petrochemicals, agrochemicals and paints. Bringing together the very best of its four legacy companies- BWAY, MAUSER Group, NCG and ICS-Mauser Packaging Solutions offers its customers true sustainability at scale.

Job Description

In this dynamic role, the Threat & Vulnerability Manager is responsible for identifying internal and external risks that may affect the cyber security posture of the company, including the confidentiality, integrity, and availability of its systems and assets. You are charged with identifying vulnerabilities and weaknesses in systems, applications, processes, networks, testing for exploitability, potential vectors of compromise and are responsible for aligning people, process, and technology to meet the demand and business requirements enterprise wide while being responsible for the assessment and measurement of the effectiveness of Information Security controls designed to protect assets and secure data.

The appropriate leader in this space will have excellent communication and presentation skills with confirmed skill in presenting analytical data effectively to dynamic audiences while establishing well-defined procedures and appropriate mitigation strategies derived from risk analysis and lessons learned.

The position will also be responsible for executing the strategic direction set by the Director of Global Information Security.

Duties

• Design, coordinate and execute technical vulnerability assessments for all aspects of the company to include, but not limited to: network and security infrastructure (to include IaaS and wireless), servers (all operating systems), workstations (all operating systems), web and application delivery servers, databases, applications, processes and cloud-based vendors.
• Understand and deploy techniques consistent with penetration testing to include, but no limited to: full scope assessments, server and client-side attacks, and web application exploitation, and Advanced Persistent Threat (APT) threats, and the tools and techniques leveraged
• Maintain all tools that are used in the scanning and identification of vulnerabilities, as well as the tools used to rationalize, consolidate, and apply additional contextual information
• Identify and assess specific emergency or priority vulnerabilities, guided by input from other elements (such as cyber intelligence and manufacturer recommendations), and suggest specific remediation approaches.
• Analyze vulnerability data and produce prioritization and remediation timelines commensurate with risk
• Communicate risk and expectations to accountable risk owners and their delegates;
• Understand vulnerabilities, their impacts, mitigation techniques, and document and articulate this understanding to various stakeholders
• Coordinate with the Security Architecture team to provide updates to security standards and templates as required to meet new regulatory/audit/etc. requirements
• Complete project/task work accurately and timely
• Provide detailed management level reporting and dashboards designed to demonstrate consistency against expected control outcomes, including compliance obligations;
• Ensure appropriate resources are allocated in support of service levels from the team are met;
• Ensure resources are adequately equipped and trained to perform their tasks; and
• Provide mentoring support and guidance to junior team members
• Maintain business relationships with key partners across the company with the intention of driving improvements in operational security
• Awareness of the latest cybersecurity trends and developments.
• Experience in planning and leading collaboration among technical teams
• Experience in building consensus across multiple organizations with distributed and heterogeneous teams comprised of individuals with divergent priorities.

Job Requirements
Required Qualifications

• Bachelor's degree in Computer Science, Management Information Systems, Technology, Business or High School Diploma/GED accompanied by adequate years of related work or military experience required.
• MBA or Master's degree preferred
• Minimum 5 years of relevant risk, threat and vulnerability Information Security experience.
• Minimum of 2 years Enterprise tools (Rapid7 InsightVM)
• Minimum of 2 years of leadership experience in vulnerability management or managerial experience in several Information Security domains.
• Experience leading Information Security teams and management programs in large, diverse, highly regulated IT environments.
• Experience leading and/or performing detailed control testing, including regulatory audit and compliance test scenarios.

• Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

Preferred Qualifications

• CISSP, CGEIT, GIAC, or CRISC certifications.
• Manufacturing experience.
• Leading large volumes of structured data to drive analysis and decision-making.
• Self-starter with ability to work with only limited guidance/direction
• International consulting experience is a plus

EOE

This job has expired.