About MasterControl:

MasterControl Inc. is a leading provider of cloud-based quality and compliance software for life sciences and other regulated industries. Our mission is the same as that of our customers to bring life-changing products to more people sooner. The MasterControl Platform helps organizations digitize, automate and connect quality and compliance processes across the regulated product development life cycle. Over 1,000 companies worldwide rely on MasterControl solutions to achieve new levels of operational excellence across product development, clinical trials, regulatory affairs, quality management, supply chain, manufacturing, and postmarket surveillance. For more information, visit

Summary

MasterControl, Inc. is seeking a Vulnerability Manager to join the growing Information Security department. The Vulnerability Manager will report directly to the CISO and work cross-functionally with the rest of the organization to drive internal processes to support the handling and remediation of vulnerabilities. You will have a direct impact on the organization and the products it produces as we work towards improving security posture and following best practices.

Responsibilities

• As a trusted member of the CISOs staff, you will go out into the organization and identify opportunities for security improvement and organize change
• You will empower stakeholders in efforts that push the enhancement of organizational and engineering security controls and processes
• You will assure the achievement of important outcomes through these efforts
• Reporting to the CISO, the Vulnerability Manager will be responsible for cultivating relationships, maturing processes, and ensuring continuous vulnerability lifecycle management across the MasterControl environment
• Serve as subject matter expert related to vulnerability management across broad technology stacks
• Own and execute the complete vulnerability management strategy across MasterControl
• Establish actionable metrics and reporting for operations and leadership transparency
• Implement effective continuous monitoring for vulnerabilities to assure prompt attention and visibility to issues that may require emergent vulnerability or incident response
• Provide support and collaboration on security incidents as necessary to enable the effectiveness of the team and its operations
• Have the ability to develop and maintain the policy and technical standards with specific regard to vulnerability management and secure configuration
• Utilize a threat-informed, risk-based approach to establish a prioritization process that most effectively maximizes engineering time and minimizes risk exposure
• Identify and recommend appropriate mitigation strategies to manage and remediate vulnerabilities, and reduce potential impacts on information resources to a level acceptable to the senior leadership
• Build strong partnerships with technical teams to promote best practices for managing vulnerabilities within multiple environments and across multiple tech stacks

Preferred Skills

• Demonstrated experience as a vulnerability manager, encompassing application layer and system-level vulnerabilities, in programs and contracts of similar scope, type, and complexity
• Ability to independently define, communicate and execute a vision and strategy for program buildout and maturation
• Experience with vulnerability management software such as Service Now VR, Rapid7, etc.
• Hands-on experience with vulnerability scanning tools, and other security testing tools, including the ability to test, deploy, configure, and run these tools (e.g. Netsparker, Tenable, Snyk, etc.)
• Understanding of attacker mindset, exploitation, and how vulnerabilities are leveraged to accurately calculate risk
• Familiar with industry-standard security best practices (CVE, CVSS, MITRE) and vulnerability management processes including compliance reporting
• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities and resolve conflicts among stakeholders in a fast-paced environment
• Driven to influence security posture improvement across an entire organization
• Bachelor's degree or equivalent work experience
• Any relevant industry certification (e.g. GEVA, GCIH, CISA, CISSP, GPEN, or other)
• Experience defining and managing vulnerability management processes and tools to include scanning patching, hardening, configuration, and risk management
• Experience with creating or procuring advanced vulnerability prioritization algorithms
• Teaching and/or public speaking experience a plus

Physical Demands and Working Conditions

• Must be able to work well with people.
• Ability to operate a computer and work at a desk for extended periods of time.
• Ability to communicate effectively in writing, in person, over the telephone, and in an e-mail.

Why Work Here?

#WhyWorkAnywhereElse?

MasterControl is a place where Exceptional Teams come together to do their best work. In fact, hiring Exceptional Teams is a core value of ours. MasterControl employees are surrounded by intelligent, motivated, and collaborative individuals. We like to call it #TheBestTeamOnThePlanet.

We work hard to develop and challenge our employees' skill sets, recognize their contributions, encourage professional development, and offer a one-of-a-kind culture. This is why we say #WhyWorkAnywhereElse?

MasterControl could be your next (and last) career move!

Here are some of the benefits MasterControl employees enjoy:

• Competitive compensation
• 100% medical premium coverage (yes, you read that right!)
• 401(k) plan with company match
• Generous PTO packages that increase with tenure
• Schedule flexibility
• Fitness clubs (you get paid to have fun and be active!)
• Company parties and employee recognition programs
• Wellness programs (free Fitbit, gym membership and athletic shoe reimbursements, etc.)
• Onsite physician and massage therapist
• Innovation center and gaming rooms at the office
• Dental/vision plans
• Employer paid life insurance policy
• Much, much more!

Applicants must be currently authorized to work in the United States on a full-time basis.