The Elevator Pitch: Why will you enjoy this new opportunity?
Our culture embraces and encourages innovation within each team. With that comes new challenges and opportunities for innovation for the Vulnerability Management team. This allows us the flexibility to create and own our processes end-to-end without a lot of red tape.
What is primary need, technical challenge, and/or problem you will be responsible for?
Our team provides a worldwide service to the company for proactively protecting VMware assets/services in SaaS, on-premise, and federally regulated environments. VMware is growing as a company and so are our offerings/customer base. Our primary technical challenge is scaling to meet the needs of the business. We partner with security champions throughout VMware to provide remediation support. Channeling this passion will help improve response time, collaboration with each Business Unit (BU), and driving innovation through automation.
Success in the Role: What are the performance goals over the first 6-12 months you will work toward completing?
Within 6 months:
Participate in Kanban/Sprint stand-ups, planning, and grooming activities to effectively prioritize and balance workload across the team.
Self-sufficient with responding to and managing the end-to-end vulnerability life-cycle from discovery to closure.
For each fiscal half:
Provide Cloud Delivered Services Onboarding and Audit Support within our defined SLA for two or more services.
Identify one or more automation opportunities that eliminates the need for at least 10 hours of manual effort per month.
Completes an automation project.
What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?
· Managing the end-to-end vulnerability life-cycle from discovery to closure.
· Performing vulnerability assessments to identify weaknesses and countermeasures and providing timely assessment reports to key stakeholders.
· Producing vulnerability, configuration, and coverage reporting to demonstrate assessment coverage and remediation effectiveness
· Assisting with the design and implementing dashboards and data visualizations for various stakeholders.
· Identifying, designing, and driving automation projects for vulnerability management tasks
· Monitoring vulnerability disclosure mailing lists and threat intelligence feeds to identify and triage new threats and vulnerabilities targeting VMware.
· Serving as an escalation point on issues, dependencies, and risks related to vulnerability scanning
· Contributing to the strategic direction for vulnerability management capabilities at VMware.
· Supporting compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks.
· Maintaining a high level of confidentiality.
What is the leadership like for this role? What is the structure and culture of the team like?
The hiring manager has 15 years’ experience in a variety of roles in information security. He started his career as a software engineer from developing low-level device drivers to modern web applications. He then took his engineering background to the information security field where he focused on data loss prevention, vulnerability management, and penetration testing.
His management philosophy is about encouraging everyone on the team to be an independent thinker and working smart instead of working long.
The Vulnerability Management is comprised of highly technical professionals, some with developer backgrounds and others new to the concept of automation. Everyone on the team will be a contributor to ongoing automation projects and are expected to continue to improve or identify new opportunities for automation. The core team works flexible hours, arranging schedules to fit their needs and taking consideration for meeting with global colleagues, primarily in India, Singapore and the United States.
What are the benefits and perks of working at VMware?
- Employee Stock Purchase Plan
- Medical Coverage, Retirement, and Parental Leave Plans for All Family Types
- Generous Time Off Programs
- 40 hours of paid time to volunteer in your community
- Rethink’s Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities
- Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)
- Healthy and local inspired snacks in all our on-site pantries
- Opportunity for working remotely