Senior Manager of Vulnerability Management
Company: Cox Automotive
Location: Riverdale
Posted on: July 15, 2025
|
|
|
Job Description:
The Senior Manager of Vulnerability Management will lead a team
of cybersecurity professionals that provide continuous internal and
external vulnerability scanning and reporting, continuous
configuration monitoring of both on-premise and multi-cloud
environments. This role will manage the external attack surface and
monitor for critical vulnerabilities impacting the Cox Automotive
environment and lead rapid vulnerability response efforts. The
scope of this role is Cox Automotive wide and includes both
enterprise and product technologies as well as both domestic and
international business units. This role will directly report to the
Senior Director of Vulnerability Management and Continuous Control
Monitoring. Primary Responsibilities: Lead and mentor a team of
cybersecurity professionals that: Deliver continuous scanning,
identification, and reporting of the external facing attack surface
throughout on-premise and cloud-based environments across both
enterprise and product technologies. Provide continuous scanning,
identification, and reporting of vulnerabilities throughout
on-premise and cloud-based environments across both enterprise and
product technologies. Manage the operations and effectiveness of
the configuration security posture management and compliance
capabilities for multiple hyperscaler cloud environments (AWS,
Azure, OCI, etc.). Partner with the Security Architecture team to
ensure that critical cybersecurity configurations are monitored
through the cloud security posture management (CSPM) and Software
as a Service security posture management (SSPM) capabilities.
Recommend, socialize, and gain consensus on minimum patching and
vulnerability mitigation standards and policies across both
enterprise and product technology teams. When imminent threats or
relevant zero-day vulnerabilities are identified, lead rapid
vulnerability response efforts across the entire Cox Automotive
Product and Technology Group. Monitor vulnerability mitigation
progress and partner with engineering teams to provide
recommendations for efficient risk remediation or mitigation.
Provide regular reporting on the current state of vulnerabilities
and configurations throughout the entire Cox Automotive environment
including both on-premise and cloud environments globally. Partner
with risk management, compliance, and audit teams to address
regulatory and contractual requirements. Partner with merger and
acquisition teams to ensure rapid deployment of vulnerability
scanning, attack surface, and related visibility tools to
acquisitions. Lead and coordinate large-scale information security
projects, including implementation and delivery of infrastructure
security scanning. Responsible for staying abreast of industry
leading vulnerability and software security vendors and informing
their product roadmaps. Working knowledge/experience of network
systems, security principles, and applications. Fundamental
understanding of defense-in-depth and intelligence-driven
strategies. Detailed knowledge of vulnerability management,
configuration management, software security, red team concepts,
tools and trends. Minimum Qualifications: Bachelor's degree in a
related discipline and 8 years' experience required in the field of
information security with a demonstrated path of increasing scope
and management responsibilities. The right candidate could also
have a different combination, such as a master's degree and 6
years' experience; a Ph.D. and 3 years' experience in a related
field; or 20 years' experience in a related field 3 years directly
managing cybersecurity Vulnerability Management team/s Ability to
drive consensus and collaboration among many diverse teams,
individuals and functional groups to achieve desired business
results. Excellent interpersonal, leadership, presentation, and
collaborative skills to work effectively with teams throughout
organization. Demonstrated track record of both project and
operational delivery. Demonstrated knowledge and expertise in
vulnerability assessment, risk management, and cybersecurity
frameworks and standards (e.g., NIST, ISO, CIS, OWASP). Strong
knowledge of vulnerability scanning and analysis and attack surface
management tools (e.g., Qualys, Nessus, Rapid7, Tenable, Veracode,
Shodan, etc.) At least one relevant industry security certification
- CISSP, SANS GIAC, C|EH, CISM, CRISC, CISA. Preferred
Qualifications: Advanced degree (MBA / MS). 5 years of experience
in a senior management role. Cybersecurity experience in critical
infrastructure industries (i.e. telecommunications, financial
services, defense or government) USD 144,900.00 - 241,500.00 per
year Compensation: Compensation includes a base salary of
$144,900.00 - $241,500.00. The base salary may vary within the
anticipated base pay range based on factors such as the ultimate
location of the position and the selected candidate's knowledge,
skills, and abilities. Position may be eligible for additional
compensation that may include an incentive program. Benefits: The
Company offers eligible employees the flexibility to take as much
vacation with pay as they deem consistent with their duties, the
company's needs, and its obligations; seven paid holidays
throughout the calendar year; and up to 160 hours of paid wellness
annually for their own wellness or that of family members.
Employees are also eligible for additional paid time off in the
form of bereavement leave, time off to vote, jury duty leave,
volunteer time off, military leave, and parental leave.
Keywords: Cox Automotive, East Point , Senior Manager of Vulnerability Management, IT / Software / Systems , Riverdale, Georgia
