What are the responsibilities and job description for the Cybersecurity Lead - Vulnerability Management position at Sherwin-Williams?
Job Details
Job Description
The Cybersecurity Lead - Vulnerability Management position is responsible for leading group and team activities surrounding the identification, evaluation, and mitigation vulnerabilities within the company's IT infrastructure. Key responsibilities include synchronization with IT patch management, vulnerability remediation management and exception management. The incumbent will oversee functional group initiatives that require coordination between internal IT, business teams and external vendors. The principal objective will be to lead tactical initiatives to ensure adherence to our vulnerability management requirements and SLAs.
The VM Lead will collaborate directly the Enterprise Technology teams to ensure processes are being followed and that risk reduction activities are being prioritized appropriately. The VM Lead will work directly with internal cybersecurity teams and the business to determine risk, remediation efforts and ensure these agreements are centrally documented. The VM Lead should have a strong background in cybersecurity and project management skills.
Responsibilities
This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.
This position has a hybrid work schedule with three days in the office and the option for working remotely two days.
Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company's staff, employees, and business relationships.
Qualifications
FORMAL EDUCATION:
Required:
KNOWLEDGE & EXPERIENCE:
Required:
Preferred:
Personal Attributes:
About Us
Here, we believe there's not one path to success, we believe in careers that grow with you. Whoever you are or wherever you come from in the world, there's a place for you at Sherwin-Williams. We provide you with the opportunity to explore your curiosity and drive us forward. Sherwin-Williams values the unique talents and abilities from all backgrounds and characteristics. All qualified individuals are encouraged to apply, including individuals with disabilities and Protected Veterans. We'll give you the space to share your strengths and we want you show us what you can do. You can innovate, grow and discover in a place where you can thrive and Let Your Colors Show!
At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute-it matters to us. A general description of benefits offered can be found at Click on "Candidates" to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.
Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled.
The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.
Sherwin-Williams is proud to be an Equal Employment Opportunity/Affirmative Action employer committed to an inclusive and diverse workplace. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.
As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.
Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.
The Cybersecurity Lead - Vulnerability Management position is responsible for leading group and team activities surrounding the identification, evaluation, and mitigation vulnerabilities within the company's IT infrastructure. Key responsibilities include synchronization with IT patch management, vulnerability remediation management and exception management. The incumbent will oversee functional group initiatives that require coordination between internal IT, business teams and external vendors. The principal objective will be to lead tactical initiatives to ensure adherence to our vulnerability management requirements and SLAs.
The VM Lead will collaborate directly the Enterprise Technology teams to ensure processes are being followed and that risk reduction activities are being prioritized appropriately. The VM Lead will work directly with internal cybersecurity teams and the business to determine risk, remediation efforts and ensure these agreements are centrally documented. The VM Lead should have a strong background in cybersecurity and project management skills.
Responsibilities
- Project Management: effectively lead group and team level activities
- Vulnerability Assessment: lead the analysis of the company's networks, applications, and systems to identify vulnerabilities.
- Risk Evaluation: Prioritize vulnerabilities based on risk and develop strategic plans for mitigation or remediation.
- Develop dashboards and actionable steps to enable asset owners to develop remediation strategies and reduce the attack surface.
- Patch Management: Collaborate with IT and development teams to ensure timely patching of vulnerabilities.
- Partner with asset owners and stakeholders across the organization to drive vulnerability remediation
- Educate teams on best practices for vulnerability management and remediation
- Compliance and Reporting: Ensure compliance with relevant security regulations and standards. Prepare regular vulnerability exposure reports for senior management.
- Incident Response: Support incident response teams in the event of a security breach or other incidents.
- Stakeholder Communication: Communicate effectively with other management and stakeholders to align security measures with business objectives.
This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.
This position has a hybrid work schedule with three days in the office and the option for working remotely two days.
Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company's staff, employees, and business relationships.
Qualifications
FORMAL EDUCATION:
Required:
- Bachelor's Degree (or foreign equivalent) or in lieu of a degree, at least 12 years in experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)
KNOWLEDGE & EXPERIENCE:
Required:
- 8 years of experience in IT or cybersecurity
- Understanding of network security protocols, cryptography, and application security.
- Understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Technical infrastructure knowledge (i.e. Windows OS, Linux, container environments and cloud)
- Familiarity with compliance and regulatory frameworks such as NIST, GDPR, and PCI-DSS.
- Excellent analytical, problem-solving, and decision-making skills, with a detail-oriented approach.
- Strong interpersonal and communication skills, capable of writing clear and comprehensive reports and delivering presentations.
Preferred:
- Manufacturing / Operation Technology experience
- Experience with Vulnerability Management Platforms
- Industry Certification (one or more of the below)
- Certified Information Systems Security Professional (CISSP)
- CompTIA Security
Personal Attributes:
- Strong written and oral communications skills.
- Proven ability and initiative to learn and research new concepts, ideas, and technologies quickly.
- Strong systems/process orientation with demonstrated analytical thinking, organization skills and problem-solving skills.
- Ability to work in a team-oriented, collaborative environment.
- Willingness and ability to train and teach others.
- Ability to facilitate meetings and follow up with resulting action items.
- Ability to prioritize and execute tasks in a high-pressure environment.
- Strong presentation and interpersonal skills.
- Ability to work effectively in a multi-cultural environment, and to lead and influence cross-organizationally with and without direct authority.
- Ability to effectively move forward on tasks even with ambiguous or changing requirements.
- Strong commitment to inclusion and diversity.
- Minimal travel, up to 5%, may be required.
- Work outside the standard office 7.5-hour workday may be required.
- Commitment to fostering a culture of inclusion and diversity
About Us
Here, we believe there's not one path to success, we believe in careers that grow with you. Whoever you are or wherever you come from in the world, there's a place for you at Sherwin-Williams. We provide you with the opportunity to explore your curiosity and drive us forward. Sherwin-Williams values the unique talents and abilities from all backgrounds and characteristics. All qualified individuals are encouraged to apply, including individuals with disabilities and Protected Veterans. We'll give you the space to share your strengths and we want you show us what you can do. You can innovate, grow and discover in a place where you can thrive and Let Your Colors Show!
At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute-it matters to us. A general description of benefits offered can be found at Click on "Candidates" to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.
Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled.
The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.
Sherwin-Williams is proud to be an Equal Employment Opportunity/Affirmative Action employer committed to an inclusive and diverse workplace. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.
As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.
Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
