Security Threat & Vulnerability Management Director
Dallas, TX

Job Description

The Security Threat & Vulnerability Management Director will support the Chief Information Security Officer to manage all vulnerabilities and threats (including intelligence and then modeling) across all areas of the enterprise such as product, cloud, internal IT, and professional services, delivering a world-class and visionary approach that will enable a distinctive competitive advantage for the future.

Responsibilities

* Development of a companywide security threat and vulnerability management capability that covers all the different products, services, deployment options, and functions.
* Creation of a facts-based, vulnerability scoring model, oriented to the CVSSv2/3 model, adapted to our risk posture.
* Manage other pen-testers and vulnerability and threat management analyst on an ongoing basis and provide reliable and timely services to the security organization and potentially other areas where warranted.
* Team up and provide continuous feedback to security and development resources distributed amongst several development locations across the world. Ensure that patched vulnerabilities are fully and completely remediated and no longer pose a risk.
* Develop trusted intelligence sourcing and establish vendor-to-JDA and JDA-customer information sharing facilities to ensure JDA becomes a trusted resource and a leading security organization over the next three to five years. World-class long-term.
* Any unforeseen items, incident management, and become a backup for SOC purposes and during crisis.

Qualifications

* 10+ years of relevant security technology experience
* Security leadership experience across multiple industries (preferred), minimum 2 different entities
* Security vulnerability and threat management for global, multinational companies
* intelligence sourcing, leveraging external OSINT and industry associations, ISACs, and 3rd party services
* Pen-testing skill set (does need to verify the other pen-testers are producing valid, complete, and timely results)
* Threat modeling in at least one, better two (or more) entities, skilled in translating / transforming these to new risk environments
* Physical security understanding / exposure
* Bachelors degree in Information Security or related industry experience
* Required Certifications:
* Certified Information Systems Security Professional (CISSP)
* CEH
* OSCP/ OSCE/ OSWP (at least one)


* LI-LN1

Our Values

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours? Find out here: Core Values

Check out JDA's blog - Supply Chain Nation - the platform for supply chain trends and innovations.