Role: Technical Security Project Manager/Vulnerability & Patch Management

Location: Wilmington, DE or Urbandale/Des Moines, IA (Hybrid)

Duration: Long-Term

Job Description:

Lead and manage IT and security-related programs and initiatives, ensuring alignment with cross-functional stakeholders, organizational goals, industry best practices, and regulatory requirements.

Collaborate with cross-functional teams, including IT, engineering, product, legal, and compliance, to integrate security requirements into business processes and the product development lifecycle.

Manage the planning, execution, and delivery of IT and security projects, ensuring adherence to timelines, budgets, and quality standards.

Define and track key security metrics and performance indicators to measure the effectiveness of security programs and initiatives, such as vulnerability management, incident management, change management and others.

Quantitatively manage the completion of security objectives based on the analysis of data and indicators.

Partner with Sales, Customer Success, Engineering and Product teams to manage customer-driven IT and Security requirements, including the coordination of requirements identification and intake, work assignment and scheduling, and integration and delivery.

Preferred Knowledge, Skills, and Abilities:

Three (3) years of enterprise-class information technology and security vulnerability management experience with the capabilities in elevating a vulnerability program with proper reporting in place and ability to identify enhancements.

Three (3) years of relevant experience in a supervisory capacity managing small to medium sized teams in a large IT enterprise environment.

Strong hands-on experience and knowledge with Cloud Technologies: (e.g., related to Fundamentals, Security, Amazon AWS, Microsoft Azure, Google Cloud Platform).

Strong knowledge and experience evaluating, designing, testing, and supporting hardware and software-based security.

Strong knowledge and experience with information security and network communications practices and principles, technologies, and systems.

Proficient knowledge and experience with vulnerability scanning plus risk and mitigation best practices.

Ability to stay knowledgeable of cybersecurity trends and emerging threats.

Proficient knowledge and proven experience with the following skillsets:

Networking/Data Communications

Risk Management

Operating Systems (e.g., Windows/Linux)

Vulnerability management tools such as Tenable and Palo Alto Xpanse

Other Security Tool sets/categories (e.g., Firewalls, Routers/switches, Database, Web Servers, Applications); Common vulnerabilities, CVEs, and CWEs; Encryption and cipher technologies

• Experience with security frameworks such as NIST (e.g., NIST 800-53) and CIS.
• Demonstrated experience and success with development and promulgation of enterprise-class security policy and standards.
• Demonstrated experience and success with completion of risk assessments and vulnerability assessments.
• LAN/WAN operational experience, including networking, OS, web/application/Database servers, storage, hardware, firewalls, and monitoring and detection tools.
• Excellent people management, communication, and customer interaction skills.
• Ability to work independently, manage projects, and exercise judgement in reaching solutions.
• Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals.
• Demonstrated ability to communicate effectively, both orally and in writing.
• Experience in scrum, kanban and SAFe.

Certification(s):

• CISSP, A , Security , CEH, CISA, CRISC, or other IT security operations/vulnerability management certifications is a plus, but not required.