We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
The Sherwin-Williams Company jobs

Cybersecurity Lead - Vulnerability Management

The Sherwin-Williams Company
$96,522.40 - $123,866.59 Annually
United States, Ohio, Cleveland
Jan 09, 2025

The Cybersecurity Lead - Vulnerability Management position is responsible for leading group and team activities surrounding the identification, evaluation, and mitigation vulnerabilities within the company's IT infrastructure. Key responsibilities include synchronization with IT patch management, vulnerability remediation management and exception management. The incumbent will oversee functional group initiatives that require coordination between internal IT, business teams and external vendors. The principal objective will be to lead tactical initiatives to ensure adherence to our vulnerability management requirements and SLAs.

The VM Lead will collaborate directly the Enterprise Technology teams to ensure processes are being followed and that risk reduction activities are being prioritized appropriately. The VM Lead will work directly with internal cybersecurity teams and the business to determine risk, remediation efforts and ensure these agreements are centrally documented. The VM Lead should have a strong background in cybersecurity and project management skills.



  • Project Management: effectively lead group and team level activities
  • Vulnerability Assessment: lead the analysis of the company's networks, applications, and systems to identify vulnerabilities.
  • Risk Evaluation: Prioritize vulnerabilities based on risk and develop strategic plans for mitigation or remediation.
  • Develop dashboards and actionable steps to enable asset owners to develop remediation strategies and reduce the attack surface.
  • Patch Management: Collaborate with IT and development teams to ensure timely patching of vulnerabilities.
  • Partner with asset owners and stakeholders across the organization to drive vulnerability remediation
  • Educate teams on best practices for vulnerability management and remediation
  • Compliance and Reporting: Ensure compliance with relevant security regulations and standards. Prepare regular vulnerability exposure reports for senior management.
  • Incident Response: Support incident response teams in the event of a security breach or other incidents.
  • Stakeholder Communication: Communicate effectively with other management and stakeholders to align security measures with business objectives.


This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.

This position has a hybrid work schedule with three days in the office and the option for working remotely two days.

Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company's staff, employees, and business relationships.

FORMAL EDUCATION:

Required:



  • Bachelor's Degree (or foreign equivalent) or in lieu of a degree, at least 12 years in experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)


KNOWLEDGE & EXPERIENCE:

Required:



  • 8+ years of experience in IT or cybersecurity
  • Understanding of network security protocols, cryptography, and application security.
  • Understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
  • Technical infrastructure knowledge (i.e. Windows OS, Linux, container environments and cloud)
  • Familiarity with compliance and regulatory frameworks such as NIST, GDPR, and PCI-DSS.
  • Excellent analytical, problem-solving, and decision-making skills, with a detail-oriented approach.
  • Strong interpersonal and communication skills, capable of writing clear and comprehensive reports and delivering presentations.


Preferred:



  • Manufacturing / Operation Technology experience
  • Experience with Vulnerability Management Platforms
  • Industry Certification (one or more of the below)
  • Certified Information Systems Security Professional (CISSP)
  • CompTIA Security+


Personal Attributes:



  • Strong written and oral communications skills.
  • Proven ability and initiative to learn and research new concepts, ideas, and technologies quickly.
  • Strong systems/process orientation with demonstrated analytical thinking, organization skills and problem-solving skills.
  • Ability to work in a team-oriented, collaborative environment.
  • Willingness and ability to train and teach others.
  • Ability to facilitate meetings and follow up with resulting action items.
  • Ability to prioritize and execute tasks in a high-pressure environment.
  • Strong presentation and interpersonal skills.
  • Ability to work effectively in a multi-cultural environment, and to lead and influence cross-organizationally with and without direct authority.
  • Ability to effectively move forward on tasks even with ambiguous or changing requirements.
  • Strong commitment to inclusion and diversity.
  • Minimal travel, up to 5%, may be required.
  • Work outside the standard office 7.5-hour workday may be required.
  • Commitment to fostering a culture of inclusion and diversity

Applied = 0
MORE JOBS LIKE THIS

(web-6f6965f9bf-7hrd4)