Deckers Brands

Lead Vulnerability Management Security Engineer

Deckers Brands

full-time

Posted on:

Location Type: Remote

Location: Remote • Arizona, California, Texas, Utah, Washington • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $120,000 - $130,000 per year

Job Level

Senior

Tech Stack

CloudCyber SecurityPython

About the role

  • Lead the review and analysis of vulnerability data to identify trends, patterns, and key risks across Deckers’ global environment
  • Facilitate vulnerability management meetings and drive risk-based discussions to prioritize and accelerate remediation efforts
  • Advise and support remediation teams in developing actionable plans to address vulnerabilities and strengthen our security posture
  • Perform risk-based assessments for both on-premise and cloud-based services, ensuring robust protection for critical assets
  • Integrate advanced security technologies and automation tools to enhance threat detection and response capabilities
  • Build and present business cases for adopting new security solutions to mitigate emerging risks
  • Develop, consolidate, and maintain security metrics to measure the effectiveness of our cybersecurity program
  • Apply industry-leading frameworks (NIST, ISO27001/2, CIS Top 20 Controls) to establish and maintain best-in-class security measures
  • Foster strong relationships with technical teams, serving as a trusted advisor and championing a culture of security awareness
  • Contribute to the strategic direction of the Technical Security team by designing and implementing tools that enhance customer trust and detect suspicious activity

Requirements

  • BA/BS degree or equivalent experience in a relevant field
  • Security professional certification (CISSP, CVA, GEVA, or similar) preferred
  • 4+ years of hands-on experience in vulnerability management, including scanning, assessment, and remediation
  • Proven success in starting and growing a vulnerability management program
  • Proficiency with leading vulnerability management tools (Tenable, CrowdStrike) and scripting/automation languages (PowerShell, Python)
  • Deep understanding of security frameworks and compliance standards (NIST, ISO27001/2, CIS Top 20 Controls, PCI-DSS, HIPAA)
  • Strong analytical skills to identify patterns, trends, and actionable insights from complex vulnerability data
  • Excellent communication skills for reporting and stakeholder engagement
  • Collaborative mindset with the ability to serve as a trusted advisor across cross-functional teams
  • Self-driven, strategic thinker with a passion for advancing cybersecurity programs.
Benefits
  • Competitive Pay and Bonuses
  • Financial Planning and wellbeing
  • Time away from work
  • Extras, discounts and perks
  • Growth and Development
  • Health and Wellness

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
vulnerability managementrisk-based assessmentsthreat detectionautomation toolsscripting languagesPowerShellPythonsecurity metricsremediationsecurity frameworks
Soft skills
analytical skillscommunication skillscollaborative mindsetstrategic thinkingtrusted advisorrelationship buildingculture of security awarenessstakeholder engagementproblem-solvingself-driven
Certifications
CISSPCVAGEVA