Vulnerability Manager - Virtual, United States

About Us

WorkForce Software, an ADP Company, is the first global provider of workforce management solutions with integrated employee experience capabilities. The company’s WorkForce Suite adapts to each organization’s needs—no matter how unique their pay rules, labor regulations, and schedules—while delivering a breakthrough employee experience at the time and place work happens. Enterprise-grade and future-ready, WorkForce Software is helping some of the world’s most innovative organizations optimize their workforce, protect against compliance risks, and increase employee engagement to unlock new potential for resiliency and performance. Whether your employees are deskless or office workers, unionized, full-time, part-time, or seasonal, WorkForce Software makes managing your global workforce easy, less costly, and more rewarding for everyone.

Over one thousand organizations with more than 4 million users in over 100 countries rely on WorkForce Software solutions to streamline compliance, reduce labor costs, provide more intuitive tools to their employees, and achieve strategic HR on a global basis.

As a Vulnerability Manager you will be responsible for overseeing WorkForce Software's vulnerability management program, reducing the organization's overall risk exposure by mitigating as many vulnerabilities as possible. This includes identifying, assessing, prioritizing, and mitigating vulnerabilities across systems and applications by conducting regular scans, analyzing findings, communicating risks to stakeholders, and driving remediation efforts to maintain a robust security posture; this includes collaborating with different teams across the organization to ensure timely patching and security hardening and secure coding practices are implemented.

The Vulnerability Manager drives vulnerability management strategies and goals through leading, coaching, mentoring and providing guidance. Develops and maintains strong partnerships with stakeholders, ensuring end-to-end vulnerability remediation. Directs vulnerability assessments and penetration tests, assists with strategic planning, supports compliance and risk management activities, and pushes for improvements to mitigate risk.

This candidate will also participate in and be responsible for security related projects including product evaluations, designs, implementations, testing updating cybersecurity policies, processes, and Standard Operating Procedures (SOPs).

Responsibilities

• Assessing, validating, and triaging vulnerabilities, working closely with asset owners to ensure timely remediation or approved exception tracking.
• Maintaining vulnerability scanning infrastructure and configurations as well as evaluating and recommending new products and solutions ensuring the most up-to-date and accurate vulnerability detection and assessment.
• Managing and overseeing the coordinated disclosure / bug bounty program and working closely with external security researchers and internal stakeholders to address reported vulnerabilities and to uphold Toyota’s reputation as a cybersecurity leader and a partner to the information security community.
• Tracking and following up on findings with asset owners to ensure that vulnerabilities are remediated or receive proper tracking and approved exceptions.
• Providing regular reports and updates to senior management on the status of the vulnerability management program, including progress on remediation efforts and any critical vulnerabilities requiring immediate attention.
• Establish and enforce security policies, procedures, and best practices across the organization, promoting a culture of security awareness.
• Conduct regular risk assessments and vulnerability scans to identify and prioritize security threats and weaknesses.
• Evaluate and recommend security tools, technologies, and solutions to enhance the organization's security posture. Lead the evaluation of new tools to help improve WorkForce Software’s Information Security posture.  
• Support WorkForce Software’s information security management program based on ISO27001, NIST, and other industry-recognized frameworks. Ensure compliance with relevant cybersecurity regulations, industry standards, and data protection laws.
• Conduct security awareness training programs for employees to educate them about security risks and best practices. Conduct information security research to keep abreast of latest security threats, vulnerabilities, and risks.  

Requirements

• Strong leadership, communication, and organizational skills, with the ability to effectively manage and develop a team and collaborate with cross-functional stakeholders.
• 8+ years of experience in IT, Cybersecurity, Risk / Vulnerability Analysis or Management, or related fields, with at least 2 years in a leadership role.
• Strong knowledge of vulnerability management processes, tools, best practices, and vulnerability validation and triaging.
• Bachelor's degree in computer science or related discipline, or equivalent work experience
• Experience with industry-standard enterprise vulnerability scanning offerings, such as Qualys, Tenable, and Attack Surface Management platforms
• Vulnerability Management experience within major cloud environments (OCI, AWS, Azure, GCP, etc.)
• Familiarity with security frameworks and standards, such as NIST, ISO 27001, OWASP Top 10, or CIS Critical Security Controls.
• Relevant certifications, such as CISSP, CISM, or OSCP, are highly desirable.

Education

• Bachelor's degree in computer science or related discipline, or equivalent work experience

This job description is not intended to be all inclusive, and employee will perform other reasonably related business duties as assigned by the immediate supervisor and other management as required.

To maintain our goal of remaining a diverse and inclusive company, WorkForce Software advocates for and promotes a diverse, equitable, safe, and professional workplace where all people feel welcomed and empowered. We are committed to creating an environment that supports and celebrates the full range of our individual and collective differences, so that everyone can do their best and most innovative work, on the job and in our communities.

WorkForce Software is committed to the full inclusion of all qualified individuals. As part of this commitment, WorkForce Software will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact our Talent Acquisition Department at careers@workforcesoftware.com, 1-833-987-3831.

WorkForce Software is an Equal Opportunity Employer.

Compensation$130,000 USD Annually to $150,000 USD Annually Plus Bonus