As an EEO/Affirmative Action Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, or veteran status. WM, a Fortune 250 company, is the leading provider of comprehensive waste and environmental services in North America. We are strongly committed to a foundation of operating excellence, professionalism and financial strength. WM serves nearly 25 million customers in residential, commercial, industrial and municipal markets throughout North America through a network of collection operations, transfer stations, landfills, recycling facilities and waste-based energy production projects. To enable our business to expand our lead in a market increasingly enhanced by technology, WM is undertaking a substantial technology transformation. We are seeking talented Information Technology professionals to join the Waste Management team who are motivated to help us transform the way we design, build and use technology. With your skills and experience, we look for you to combine your technical expertise with industry best practices in an effort to align information technology solutions with Waste Management business strategy. **I. Job Summary** We are seeking an experienced and proactive Vulnerability Management, Sr. Engineer to lead and enhance our organization’s vulnerability management program. This role will be pivotal in ensuring the security of our systems, applications, and networks by identifying, analyzing, and managing vulnerabilities effectively. The ideal candidate will have a strong technical background, leadership skills, and the ability to collaborate across various teams to reduce the organization’s attack surface and enhance its security posture. **II. Essential Duties and Responsibilities** To perform this job successfully, an individual must be able to perform each duty satisfactorily. Other ancillary duties may be assigned. + Develop, implement, and oversee the organization's vulnerability management and application security programs, ensuring alignment with industry standards and compliance requirements. + Establish and enforce policies and procedures for vulnerability assessment, prioritization, and remediation. + Manage the end-to-end vulnerability assessment lifecycle, including scanning, analysis, and reporting. + Oversee the configuration and operation of vulnerability scanning tools and platforms. + Support periodic penetration testing and work with third-party vendors for advanced security testing. + Collaborate with IT, DevOps, and business teams to prioritize and remediate vulnerabilities. + Track remediation efforts and provide regular status updates to stakeholders. + Develop and communicate risk-based vulnerability metrics and KPIs to measure program effectiveness. + Partner with system owners, developers, and IT operations to integrate vulnerability management processes into the development and operational workflows. + Provide guidance and mentorship to team members, fostering a culture of security awareness. + Generate detailed reports and executive summaries on vulnerabilities, risks, and remediation progress for technical teams and leadership. + Advise senior management on emerging vulnerabilities and the organization’s overall vulnerability risk profile. + Participate in emerging threat reduction activities as needed. + Responsible for sustaining continuous improvement efforts: + Stay updated on the latest security vulnerabilities, exploits, and threat trends. + Recommend and implement improvements to tools, processes, and technologies used in vulnerability management and application security. + Ability to present technical findings to non-technical stakeholders in a clear and concise manner. **III. Supervisory Responsibilities** May coach and mentor less-experienced analysts and act as team leader on systems projects. **IV. Qualifications** The requirements listed below are representative of the qualifications necessary to perform the job. A. Education and Experience + Education: Bachelor's degree (accredited) in Computer Science, MIS, Business Administration or similar area of study, or in lieu of degree, High School Diploma or GED (accredited) and 4 years or relevant work experience. + Experience: Five years of experience in cybersecurity with a focus on vulnerability management and application security B. Certificates, Licenses, Registrations or Other Requirements Must possess one of the following or will obtain one within the next 12 months: + Certified Information Systems Security Professional (CISSP) + Certified Information Systems Auditor (CISA) + Certified Information Security Manager (CISM) C. Other Knowledge, Skills or Abilities Required Advanced knowledge or skills in one or more of the following is required: + Knowledge of threat and vulnerability and/or identity related processes and technology. + Proficiency in vulnerability management tools such as Qualys, Core Impact, WebInspect, etc. + Strong communication and interpersonal skills to work effectively with cross-functional teams. + Strong knowledge of operating systems (Windows, Linux, macOS), networks, public cloud providers (AWS, Azure, GCP). + Strong analytical and problem-solving skills. + Effective communication skills for explaining complex cybersecurity issues to technical and non-technical stakeholders. + Ability to effectively manage teams and multiple projects simultaneously. + Proactive approach to identifying and addressing cybersecurity challenges. D. Other Knowledge, Skills or Abilities Required + Hands on experience with vulnerability management and application security solutions. + Track record of successful risk reduction and collaborating with business partners. + Related technology certifications for modern vulnerability management and application security solutions. + Familiarity using threat intelligence to enhance vulnerability discovery and prioritization.. **V. Work Environment** Listed below are key points regarding environmental demands and work environment of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job. Normal setting for this job is: office setting. **Benefits** At WM, each eligible employee receives a competitive total compensation package including Medical, Dental, Vision, Life Insurance and Short Term Disability. As well as a Stock Purchase Plan, Company match on 401K, and more! Our employees also receive Paid Vacation, Holidays, and Personal Days. Please note that benefits may vary by site. If this sounds like the opportunity that you have been looking for, please click Apply. Equal Opportunity Employer: Minority/Female/Disability/Veteran