At Cox, we’re forward-thinking innovators who put people first. Our award-winning workplace culture is centered on inclusion and kindness, and we’re looking for people to join our mission to be a force for good in the world. Come build a better future with us across automotive, communications, the environment and more.

We want to do everything we can to keep our employees safe and healthy. Therefore, where permitted by applicable law, you will need to be fully vaccinated against COVID-19 to be considered for this U.S.-based job. Reasonable accommodations for medical and religious objections will of course be considered.

Keep reading to learn more about this opportunity to join the Cox family of businesses.

Remote or hybrid opportunity. 

Cox Enterprises is in search of a Lead Vulnerability Manager to help maintain the tools, operations and framework for environment scans and assessments. The Vulnerability Manager will review, prioritize and recommend vulnerability fixes to reduce Cox’s attack surface exposure and will be responsible for understanding the vulnerabilities that affect Cox Enterprises.  In this role, the lead will help service and portfolio owners evolve toward reducing patching requirements by influencing architectures and championing automation.  Cox platforms should need less and less patching because of these efforts.  Once patching is driven to a minimal level, this role can evolve into other responsibilities, such as threat intelligence or security analytics.

Here's what you would do:

Collaborate with solutions teams and architect functions to recommend common frameworks and implement designs for protecting data and mitigating technical and non-technical threats.

Use available tools to investigate and understand risks and threats, then create focus on which vulnerabilities need to be resolved.

Review process and procedure used by security operations and drive continuous improvement in collaboration with Process Center of Excellence

Recommend and implement or influence the implementation of improvements to to systems and services that result in lower patching requirements

3Participate in working groups with internal and third-party security operations teams to create new ideas for proactive defense.

Key success metrics include mean-time-to respond, process adherence, and number of recurring incidents

Acts as a key participant in critical security incident response (IR) and/or data breach (DBIR) response, and able to lead response as a security incident manager (SIM)

Own and manage the continuous assessment program in coordination with members of the “build secure” functional team

Work as a member of the team for the annual global penetration test

Perform threat analysis and recommend remediation steps to resolve complex incidents and events detected by security tool sets.

Maintain technical configuration to support the CEI Information Security Policy and Controls Framework.

Inform security architecture review and annual budget planning with operational data and threat metrics for all security tools and platforms.

Comply with standard processes, procedures, and service level expectations for ticket handling.

Maintain working knowledge of advanced threat detection as the industry evolves

Qualifications:

Where permitted by applicable law, must be fully vaccinated against COVID-19 to be considered for this U.S.-based job. (Reasonable accommodations for medical and religious objections will be considered.)

BS in technology related field or equivalent work experience.

10+ year minimum of progressive experience in information technology, cyber security, application support, or applications development.

7 years dedicated security analysis, including kill chain analysis and efficacy of defensive controls

5+ years direct experience with leading frameworks and industry compliance mandates including but not limited to PCI, NIST, Cloud Security, or ISO.

Possess one or more current industry certifications relevant to the job e.g. CISSP, CISM, CISA, or SANS certifications.

In-depth understanding of multiple security disciplines and technologies to offer global solutions for a complex heterogeneous environment.

Preferred Qualifications:

Must possess a proven track record as an influential member of a security program.

Ability to work independently and prioritize multiple projects in a highly dynamic environment.

Excellent communication and teamwork skills demonstrated across broad group of technical and non-technical stakeholders

Skills and Behaviors:

Keep a cool head under pressure

Respond to affected teams and customers with empathy

Process-oriented mindset

Distill and clearly communicate technical security concepts to a variety of stakeholders

Adaptability and flexibility to respond to security incidents

Excellent attention to detail

Be collaborative, yet persistent

Who We Are

About Cox 

We are the Cox family of businesses. We’ve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us.  Our primary divisions – Cox Communications and Cox Automotive – are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators.  We’re also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation.  We’re looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you’ll be going with us, and the common purpose that unites us at coxenterprises.com. 

Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO).  For more details on what benefits you may be offered, visit our benefits page.

Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations:  Cox accepts resumes only from agencies with which we formally engage their services.   Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.