Vulnerability & Application Security Manager

Employment Type Full time

Compensation Range The pay range provided is not indicative of Sysco’s actual pay range but is merely algorithmic and provided for generalized comparison. Factors that may be used to determine rate of pay include specific skills, work location, work experience and other individualized factors

Job Profile Summary We are seeking a hands-on and strategic Vulnerability & Application Security Manager to lead and evolve our security posture across infrastructure and applications. This role is ideal for a technically proficient leader who thrives on solving complex security challenges, actively engages in day-to-day operations, and continuously identifies opportunities to mature and scale our security programs.

Description

Job Summary

We are seeking a hands-on and strategic Vulnerability & Application Security Manager to lead and evolve our security posture across infrastructure and applications. This role is ideal for a technically proficient leader who thrives on solving complex security challenges, actively engages in day-to-day operations, and continuously identifies opportunities to mature and scale our security programs.

Duties and Responsibilities

• Scanning, assessment, prioritization, remediation coordination, and tool management (e.g., Tenable, Wiz, Armis).
• SDLC integration, SAST/DAST/SCA scans, threat modeling, secure coding collaboration, bug bounty management.
• Identifying gaps, implementing automation, improving processes, staying current with threats and technologies.
• Developing dashboards and tracking remediation progress, vulnerability trends, and risk posture.
• Ensuring adherence to OWASP, NIST, PCI-DSS, HIPAA, and other relevant frameworks.
• Mentoring staff, leading analysts/engineers, fostering growth and collaboration.

Qualifications

Education Required:

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field

Experience Required:

• 7 years of experience in cybersecurity, with at least 2 years in a leadership role or vulnerability management

Experience Preferred:

• 10 years of experience in cybersecurity, with at least 4 years in a leadership role or vulnerability management

Licenses/Certifications Required:

• CISSP, CISM, OSCP, or GIAC, or equivalent

Technical Skills and Abilities

• Strong knowledge of vulnerability management tools (e.g., Tenable, Wiz, Armis).
• Proven hands-on experience with vulnerability management and application security tools and techniques.
• Familiarity with CVSS, MITRE ATT&CK, and threat modeling.
• Experience with cloud platforms (AWS, Azure, GCP) and container security.
• Excellent communication, analytical, and project management skills.

Physical Demands:

Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of this job.

Overview Sysco is the global leader in foodservice distribution. With over 71,000 colleagues and a fleet of over 13,000 vehicles, Sysco operates approximately 333 distribution facilities worldwide and serves more than 700,000 customer locations. We offer our colleagues the opportunity to grow personally and professionally, to contribute to the success of a dynamic organization, and to serve others in a manner that exceeds their expectations. We’re looking for talented, hard-working individuals to join our team. Come grow with us and let us show you why Sysco is at the heart of food and service.

AFFIRMATIVE ACTION STATEMENT Applicants must be currently authorized to work in the United States. We are proud to be an Equal Opportunity and Affirmative Action employer, and consider qualified applicants without regard to race, color, creed, religion, ancestry, national origin, sex, sexual orientation, gender identity, age, disability, veteran status or any other protected factor under federal, state or local law. This opportunity is available through Sysco Corporation, its subsidiaries and affiliates.