Program Manager, IT Security
Seattle, WA

Job Description

Information Technology

Who we are

lululemon is a yoga-inspired technical apparel company up to big things. The practice and philosophy of yoga informs our overall purpose to elevate the world through the power of practice. We are proud to be a growing global company with locations all around the world, from Vancouver to Shanghai, and places in between. We owe our success to our innovative product, our emphasis on our stores, our commitment to our people, and the incredible connections we get to make in every community we are in.

About this role

This position will utilize a combination of external and internally developed tools, as well as partner with third parties, in the identification, containment, and remediation of IT vulnerabilities. It will identify both existing and emerging vulnerabilities, evaluate associated risks and threats, and provide recommended countermeasures as necessary. The Vulnerability Management Program Manager will be working with project delivery and operational teams, including decision makers across all organizational levels, to prioritize and track remediation efforts through to completion. The Vulnerability Management Program Manager will also develop processes and reporting to keep leadership informed of security risks and the status of remediation efforts

A day in the life:

* Build, lead and maintain lululemon's vulnerability management program
* Define a framework for identifying and accounting for mitigating factors and compensating controls that affect the severity of identified vulnerabilities
* Lead project delivery and operations teams in the enterprise adoption of formal hardening / patching processes, by engaging stakeholders and decision makers across all organizational levels
* Manage a small team of professionals in hardening, patching and vulnerability management processes
* Asset lists and asset group owners to build and maintain vulnerability scanning landscapes
* Feedback from project delivery/operational teams and compliance on priority of and remediation of existing and emerging vulnerabilities within the enterprise
* Produce dashboard reporting that can be communicated to application owners and senior leadership about existing and emerging vulnerabilities, evaluate associated risks and threats, and provide recommended countermeasures as necessary
* Provide direction on the adoption of formal hardening/patching processes

Qualifications:

* Bachelor's degree in Computer Science/Engineering or equivalent experience
* CISSP, CISM, or other security certifications are a plus
* Experience in performing and overseeing technical vulnerability assessments of all technology areas
* Hands-on experience configuring and utilizing vulnerability scanning tools (such as Nessus, Qualys, AppScan, Trustwave, Burp Suite, Nipper)
* Experience designing and implementing security metrics and compliance reports for vulnerabilities tracking, trending and remediation

Must haves:

* Acknowledges the presence of choice in every moment and takes personal responsibility for their life.
* Possesses an entrepreneurial spirit and continuously innovates to achieve great results.
* Communicates with honesty and kindness, and creates the space for others to do the same.
* Leads with courage, knowing the possibility of greatness is bigger than the fear of failure.
* Fosters connection by putting people first and building trusting relationships.
* Integrates fun and joy as a way of being and working, aka doesn't take themselves too seriously.

NOTE: Only those applicants under consideration will be contacted. Please accept our utmost appreciation for your interest. lululemon is an Equal Employment Opportunity employer. Employment decisions are based on merit and business needs, and not on race, color, creed, age, sex, gender, sexual orientation, national origin, religion, marital status, medical condition, physical or mental disability, military service, pregnancy, childbirth and related medical conditions or any other classification protected by federal, state or provincial and local laws and ordinances. Reasonable accommodation is available for qualified individuals with disabilities, upon request. This Equal Employment Opportunity policy applies to all practices relating to recruitment and hiring, compensation, benefits, discipline, transfer, termination and all other terms and conditions of employment. While management is primarily responsible for seeing that lululemon equal employment opportunity policies are implemented, you share in the responsibility for assuring that, by your personal actions, the policies are effective.