Vulnerability Assessment Manager

Vulnerability Assessment,Information Security, penetration testing, Nexpose, AppScan, Risk Management, cybersecurity, Vulnerability Manager,
Full Time
Work from home not available Travel not required

Job Description

We are currently seeking a Vulnerability Assessment Manager to join our Information Security Operations team within the Information Technology Services (ITS) department here at the University of Southern California. A positive catalyst for leading change with a professional demeanor, the Vulnerability Assessment Manager drives the group’s strategies and goals through coaching, mentoring and career guidance, and develops and maintains strong partnerships with other teams, spurring end-to-end vulnerability remediation. This role will be responsible for directing ongoing assessments and penetration tests, assisting with strategic planning, supporting compliance and risk management activities, and pushing for improvements as necessary to mitigate risk.

The ideal candidate must possess five years of experience in Information Technology (or Information Security) and two years of experience leading a Vulnerability Management Program. He/she should also possess experience in Information Security management and a strong understanding of vulnerability management and security testing practices and methodologies.

Information Technology Services (ITS) is committed to providing information technology (IT) services and support to the university. ITS provides essential, university-wide services such as:

  • Enterprise information systems
  • University wired and wireless networks
  • Educational Technology
  • Research Computing
  • IT Security


  • Must have a Bachelor’s degree or combined education/experience as substitute for minimum education
  • Minimum of 5 years of experience in Information Technology (or Information Security)
  • Minimum of 2 years of experience leading a Vulnerability Management program
  • Working experience within Information Security management
  • Project Management experience
  • Comprehensive understanding of vulnerability management and security testing practices and methodologies
  • Proven understanding of cloud computing and security issues related to cloud environments
  • Demonstrated understanding of common vulnerability frameworks (CVSS, OWASP Top 10) as well as Internet security and networking protocols
  • Advanced understanding of system, application, and database hardening techniques and practices
  • Demonstrated experience with the configuration management of Nexpose and AppScan
  • Ability to evaluate business risks and recommend appropriate information security measures
  • Able to interact effectively at all levels of an organization and across diverse cultural and linguistic barriers
  • Ability to quickly adapt as the external environment and organization evolves. Ability to prioritize projects and deliverables
  • Typically possesses 7 years of experience in Information Security
  • Typically possesses or working towards CISSP, CISSP-ISSMP, CISM, and/or CRISC Certifications
  • Typically possesses penetration testing experience using multiple pen-testing tools: Metasploit, Wireshark, Kali, NMAP etc.…

 Job Accountabilities:

  • Leads and supports the Vulnerability Assessment team, effectively driving team strategy, goals, and performance objectives. Establishes team and individual goals that support team objectives, coaching and mentoring, and providing career development guidance
  • Develops and maintains strong partnerships with other teams to drive end-to-end vulnerability remediation, ensure consistent customer experience, convey a positive and professional demeanor, and be a positive catalyst for leading change
  • Drive requirements definition, evaluation, recommendation, implementation, and troubleshooting of tools used by the Vulnerability Assessment team. Directs ongoing vulnerability assessments and penetration tests
  • Assists with strategic planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements
  • Supports compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks
  • Provides technical expertise for USC information security policies and standards
  • Provides communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability Assessment team with customers and partners
  • Establishes daily operations, regular communications, resource planning, providing guidance, relaying leadership expectations and leading team initiatives and activities.
  • Recruits, screens, hires, trains and directly supervises all assigned subordinate staff. Evaluates employee performance and provides guidance and feedback. Counsels, disciplines and/or terminates employees as required. Recommends departmental goals and objectives, including workforce planning and compensation recommendations. Reassesses or redefines priorities as appropriate in order to achieve performance objectives.
  • Maintains awareness and knowledge of current changes within legal, regulatory, and technology environments which may affect operations. Ensures senior management and staff are informed of any changes and updates in a timely manner. Establishes and maintains appropriate network of professional contacts. Maintains membership in appropriate professional organizations and publications. Attends meetings, seminars and conferences and maintains continuity of any required or desirable certifications, if applicable.
  • Performs other duties as assigned or requested. The university reserves the right to add or change duties at any time.


Preferred Qualifications

  • Master’s Degree
  • 7 years of experience in Information Security
  • Possesses or working towards CISSP, CISSP-ISSMP, CISM, and/or CRISC Certifications
  • Experience as penetration tester

Posted By

Farah Jaffrey

3434 S. Grand Ave., Suite 127 Los Angeles, CA, 90007

Dice Id : RTX1bf497
Position Id : 800915
Have a Job? Post it

Similar Positions

Cyber Security Analyst
  • Cenergy
  • Rosemead, CA
Security Engineer II
  • Hyundai AutoEver America
  • Fountain Valley, CA
Security Analyst - Risk Management, Security, Privacy, PII
  • Software Management Consultants, Inc.
  • Torrance, CA
Information Security Analyst
  • Farmers Insurance
  • Woodland Hills, CA
Director, Information Security
  • Irvine Technology Corporation (ITC)
  • Brea, CA
Cybersecurity Specialist
  • Genuent Global, LLC
  • Rosemead, CA
Security Engineer - 2008590
  • Software Engineering Institute
  • El Segundo, CA
Information Security Specialist
  • Britech Group, Inc.
  • Los Alamitos, CA
Principal/Sr. Principal Cyber Systems Engineer
  • Northrop Grumman
  • Redondo Beach, CA
IT Security/Financial Auditor
  • Tentek, Inc.
  • Burbank, CA
Security Engineer (Symantec)
  • ESPO Engineering Corp
  • Los Angeles, CA