(GIS) Cybersecurity Vulnerability Operations Manager

Date: Oct 12, 2021

Location: Apodaca, NLE, MX, 66634

Company: Whirlpool Corporation

Requisition ID: 44047 

Whirlpool Corporation (NYSE: WHR) is the world’s leading kitchen and laundry appliance company, with approximately $19 billion in annual sales, 78,000 employees and 57 manufacturing and technology research centers in 2020. The company markets Whirlpool, KitchenAid, Maytag, Consul, Brastemp, Amana, Bauknecht, JennAir, Indesit and other major brand names in nearly every country throughout the world. 

Whirlpool Corporation is consistently recognized by FORTUNE as one of the World’s Most Admired Companies. Our values are the driving force behind everything we do. Integrity, Respect, Inclusion & Diversity, One Whirlpool, and Spirit of Winning propel our teams to excellence. Get to know us and see what it's like to be part of a company that is in constant pursuit of improving life at home.


Cybersecurity Vulnerability Operations Manager


Level: Manager

Area: GIS

Location: Apodaca: Nuevo León,Mx


Currently, we are seeking qualified candidates for a Manager - Cybersecurity Vulnerability Assessment Manager to join our Global Information Services (GIS) CyberSecurity Team.


Day to Day
Today, you might be working with business teams around the world to demonstrate how vulnerability management operations can safely advance their business goals.  Tomorrow, you will be defining global policies and secure methods for using vulnerability management services.  In addition, you will be providing metric dashboards and reports for vulnerability identification and remediation progress with internal Whirlpool teams and 3rd parties.  You will be consulting with project teams to ensure their projects are enrolled in the monthly scanning cadence. Later in the week, you may be training project teams and 3rd parties on vulnerability management best practices. Next week, you might be asked to work on researching, creating, and approving new vulnerability assessment tactics, policies or practices to keep pace with the business objectives of the company, and stay abreast of the latest trends to determine applicability for Whirlpool Corporation.  You may also be coaching and developing your team to think differently about the future security needs of the company to anticipate and be ready for new security opportunities while retiring outdated practices.


What You Will Do 

  • Own, design and drive a global vulnerability management program for Whirlpool Corporation, focusing on vulnerability management scanning tools, penetration testing, vulnerability assessments, scripting, vulnerability management scan result analysis, vulnerability remediation / patching, and reporting.

  • Design, architect and build a global vulnerability management infrastructure and create a sustainable scanning and remediation cadence.

  • Interact and collaborate with different business units and 3rd party vendors to assess remediation performance and continuous improvement.

  • Understand the broader Global Information Services (GIS), Enterprise Infrastructure Services (EIS) and Cybersecurity Strategies to inform the roadmap for the evolution of vulnerability management.

  • Conduct vulnerability scans across various networks and communicate vulnerability management analysis through reports and dashboards to accurately identify risk.

  • Represent the cybersecurity function in multiple forums

  • Collaborate with the overall cybersecurity team on security strategy and requirements.

  • Provide input and recommendations on cybersecurity policy, risk, and overall security best practices.

  • Provide oral and written reports on vulnerability risk to the team and possibly agencies’ technical stakeholders.

  • Evaluate the current threat landscape that includes tactics, techniques and procedures.

  • Review and approve cybersecurity activity to ensure compliance with information security policy and best practices.

  • Align with and advocate global processes and policy.

  • Interact with, influence, and negotiate security requirements with internal and external parties.

  • Continue to learn and grow your knowledge across multiple cloud providers and technologies.


What You Need To Succeed

  • Servant leader mindset for responsible enablement of business objectives and employee activity

  • Passion for keeping the global Whirlpool organization safe, secure, and reliable.

  • Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation.

  • Experience with system, application, and internet scanning tools.

  • Experience conducting research on CVE’s, vendor hardware/software vulnerabilities, triaging those vulnerabilities, and presenting succinct technical overviews to team members.

  • Experience with Cybersecurity standards and best practices and how to integrate them.

  • Strong understanding of user authentication, data classification, IT controls, encryption.

  • Ability to manage expectations, bring together and align different points of view.

  • Possess outstanding executive presence and communication skills in oral and written form.

  • Ability to establish positive working relationships and garner influence with other functions.

  • Self motivated to own and solve difficult challenges and ability to motivate others to higher levels of performance and engagement.

  • Strong technical competence up and down the cloud technology stack - user interface, applications, communications, infrastructure, database, storage, etc.

  • Project management capability for business case development, planning, and execution.

  • Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks.

  • Strong knowledge of CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigation.

  • Knowledge and experience in Agile methodology and leadership for cross skilled teams.

  • Strong desire and aptitude for continuous learning and keeping abreast of new and emerging technology and cyber threats/vulnerabilities.

  • Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTPS, VPN, proxies, etc.

  • Knowledge of security best practices across multiple operating platforms.

  • Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques.

  • Knowledge of security best practices: NIST, CIS, ISO, etc.

  • Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures.

  • Ability to travel globally if required

  • Bachelor’s degree required and minimum 3 years experience in CyberSecurity vulnerability management.



Connect with us and learn more about Whirlpool Corporation 

See what it's like to work at Whirlpool by visiting Whirlpool Careers. Additional information about the company can be found on Facebook, Twitter, LinkedIn, Instagram and YouTube.

At Whirlpool Corporation, we value and celebrate diversity. Whirlpool Corporation is committed to equal employment opportunity and prohibits any discrimination on the basis of race or ethnicity, religion, sex, pregnancy, gender expression or identity, sexual orientation, age, physical or mental disability, veteran status, or any other category protected by applicable law.

Job Segment: Operations Manager, Geology, GIS, Social Media, Operations, Engineering, Technology, Marketing