Senior Vulnerability Manager

Stellantis is a leading global automaker and mobility provider that offers clean, connected, affordable and safe mobility solutions. Our Company’s strength lies in the breadth of our iconic brand portfolio, the diversity and passion of our people, and our deep roots in the communities in which we operate. Our ambitious electrification and software strategies and the creation of an innovative ecosystem of strategic, game-changing partnerships are driving our transformation to a sustainable mobility tech company.

The driving force behind us is the diverse and talented group of men and women around the world who bring their passion and experience to their work every day. And while we are a truly global organization, we remain deeply rooted in the communities in which we operate and where our colleagues live and work.

With industrial operations in nearly 30 countries, Stellantis could consistently exceed the evolving needs and expectations of consumers in more than 130 markets, while creating superior value for all stakeholders.

Job Summary

As a senior vulnerability manager, you will be responsible for leading the design and implementation of a vulnerability management program that identifies, assesses, and mitigates the cyber risks associated with the organisation's IT assets and systems. You will also provide guidance and oversight to the vulnerability management team and collaborate with other stakeholders across the organisation to ensure timely and effective remediation of vulnerabilities and compliance with security policies and standards.

Key Responsibilities

• Lead the development and execution of the vulnerability management program, including vulnerability scanning, analysis, reporting, and remediation.
• Ensure that the program is aligned with the organisation's cyber security strategy, objectives, policies and standards, as well as industry best practices and regulatory requirements.
• Develop and maintain a vulnerability management policy, procedure, guideline and tool, and provide training and awareness to the organisation on vulnerability management principles and practices.
• Provide direction and support to the vulnerability management team in conducting vulnerability assessments, developing remediation plans, implementing remediation actions and reporting on vulnerability status and performance.
• Facilitate the communication and escalation of vulnerability issues and incidents to senior management and relevant stakeholders, and provide recommendations for improvement and remediation.
• Establish and maintain effective relationships with internal and external stakeholders, including business units, IT functions, audit, compliance, legal, vendors and regulators, to ensure alignment and integration of vulnerability management activities and deliverables.
• Conduct research and analysis on emerging cyber threats, trends and best practices, and provide insights and recommendations to enhance the organisation's cyber security posture and resilience.

Qualifications and Skills

• Bachelor's degree or higher in computer science, information systems, cyber security, or related field.
• At least 10 years of relevant experience in cyber security, with at least 5 years of experience in vulnerability management.
• Professional certifications in cyber security or related field, such as CISSP, CISM, CEH, OSCP, etc.
• Strong knowledge and understanding of vulnerability management concepts, frameworks, standards and best practices, such as NIST, ISO, CVSS, etc.
• Strong technical skills and experience in various security domains, such as network security, cloud security, data security, endpoint security, threat intelligence, etc.
• Ability to design and implement vulnerability management solutions that are scalable, resilient, and cost-effective, using various technologies, such as scanners, patch management, configuration management, etc.
• Ability to communicate effectively and persuasively with senior management, business partners, and vendors on vulnerability management vision, strategy, and roadmap.
• Ability to lead and mentor the vulnerability management team and foster a culture of collaboration, innovation, and continuous improvement.
• Ability to conduct vulnerability assessments, audits, and reviews, and provide recommendations for improvement and remediation.
• Ability to stay abreast of the latest security trends, threats, and best practices, and adapt to the changing security landscape.
• Excellent verbal and written communication skills.
• Strong analytical and problem-solving skills.
• High level of integrity and professionalism.
• Ability to adapt to changing technologies and business needs.
• Demonstrated digital mindset and agility in learning and applying new tools and platforms.
• Experience with ServiceNow Vulnerability Response is a plus.

At Stellantis, we assess candidates based on qualifications, merit, and business needs. We welcome applications from people of all gender identities, age, ethnicity, nationality, religion, sexual orientation, and disability. Diverse teams will allow us to better meet the evolving needs of our customers and care for our future.”