Vulnerability Management Program Manager

Vulnerability Management Program Manager

Siemens Digital Industries Software is a leader in electronic design automation. Our products enable companies to develop better electronic products faster and more cost-effectively. Technical Operations (TechOps) provides the technology, platforms, expertise, and support that enable our development community and Siemens to be the leader in digitalization. This position resides at our flagship campus in Wilsonville, Oregon and reports to the Director, TechOps Program Office.

Siemens Digital Industries Software Technical Operations (TechOps) group is seeking an experienced Vulnerability Management Program manager to develop and implement a comprehensive vulnerability management program that aligns with our enterprise’s objectives and risk appetite. The program focus is on the company’s software development environments, primarily made up of Linux operating systems.

You will closely collaborate with cross-functional teams including IT, Cyber Security Compliance and Business stakeholders to identify and prioritize vulnerabilities and develop effective remediation plans for execution.

Your role will also include the evaluation and recommendation of vulnerability management applications and technologies, ensuring the optimal balance of effectiveness and efficiency. Our teams will look to you to help them stay current on industry trends, emerging threats and best practices in vulnerability management and adapting our program accordingly.

Responsibilities include:

• Establishing and maintaining strong relationships with key stakeholders across the organization, ensuring that vulnerability management priorities are well understood and integrated into Siemens Digital Industries Software product development and business processes.
• Defining the roadmap to maintain a secure posture for operating systems for Linux and Windows servers and the cadence of upgrades and patch management updates.
• Develop and deliver regular metrics, reports, KPI’s and presentations to executive leadership and key stakeholders communicating the status and effectiveness of the vulnerability management program.
• Building and leading a diverse vulnerability program that covers a secure software development lifecycle, patch governance and applications security.

Job Qualifications and Competencies

• Understanding of information security risk measurement, both qualitative and quantitative.
• Experience building and maintaining vulnerability metrics that can be easily understood and leveraged to reduce risk.
• Proven experience building and managing a successful comprehensive vulnerability management program, ideally in a software development company.
• Minimum of 10+ years of experience in information security with at least 5+ years in a leadership role focused on vulnerability management.
• Strong knowledge of cybersecurity principals and best practices accompanied by experience in managing security risks.
• Experience using vulnerability management, detection, and response applications (VMDR)
• Demonstrated ability to lead, manage, and mentor teams in a fast-paced dynamic environment to achieve high performance.
• Excellent communication and collaboration skills, with the ability to effectively communicate complex security topics to a diverse audience.

Certifications: (at least one)

• Certified Information Systems Security professional (CISSP)
• Certified Information Security Manager (CISM)

At Siemens we are always challenging ourselves to build a better future. We need the most innovative and diverse Digital Minds to develop tomorrow’s reality. Find out more about the Digital world of Siemens here: www.siemens.com/careers/digitalminds

#SWSaaS (SaaS Transformation Posting)

#LI-PLM

#DISW

#LI-HYBRID