Director, Vulnerability Management Assurance & Remediation

Job title: Director, Vulnerability Management Assurance & Remediation

Company: 쿠팡

Job description: Director, Vulnerability Management Assurance & Remediation

Description:

Our Why: We exist to protect a way of life that many people have come to rely on. We protect the small business that relies on Coupang to be able to open their doors every day. The customers who trust us to protect their PII fiercely. Also, our fellow employees and their data as they come to work every day being proud to work for Coupang. We exist to be thought leaders and help the industry and government partners. To come to work focused on outcomes and not egos, and to head home at the end of a day with a sense of pride in what we accomplished together as a team. Our why drives everything that we do.

As our Director over Vulnerability Management, you will be responsible for building a new program that combines our existing foundational scanning functionality with a proactive approach to Vulnerability Management Assurance leveraging modern toolsets around data identification, classification, and retention enforcement across all possible data sources from endpoint to cloud. This is a new function being created to address the unique challenges of the eCommerce space of a global company. You will need a proven track record of building successful programs, inspiring and developing teams, with the ability to work across levels and organizations with autonomy. In addition to being a leader, you will be a technical manager that has expert working knowledge in Cybersecurity Assurance, risk-based vulnerability and configuration management, root-cause security issues, quickly assessing the potential threats, and educating other members of the broader team.

Key Responsibilities:

  • Design, develop, and maintain vulnerability scanning profiles for enterprise IT infrastructure, including servers, workstations, cloud environments, and network devices.
  • Develop auditable systems to assess and validate scope, scale, and saturation of scans.
  • Develop, manage, and operationalize contextually aware SBOM scanning.
  • Adjust compliance scanning policies and disposition false positive scan results.
  • Support expansion of the program to remaining asset categories.
  • Develop and manage automated solutions for secure configuration deployment and monitoring.
  • Conduct periodic assessments to validate security compliance and identify deviations from scanning configurations.
  • Provide technical leadership in security configuration management, including training and mentorship for junior team members.
  • Work with baseline configuration management and threat intelligence teams to enhance security postures based on evolving threats and risk assessments.
  • Ensure alignment with regulatory and compliance requirements, such as PCI-DSS, HIPAA, ISO 27001, and FedRAMP.
  • Document and maintain security configuration policies, procedures, and implementation guides.
  • Investigate and remediate security configuration issues identified through audits, assessments, or security incidents.

Qualifications:

  • 10+ years of experience in vulnerability and security configuration management, system administration, and compliance.
  • Experience with workflow automation and reporting solutions.
  • Expert knowledge of infrastructure, application, and cloud vulnerability detection.
  • Specialized expertise in industry vulnerability management sources (CISA, CVE, NVD, etc.), public cloud hosting/architecture, and SaaS configuration monitoring tooling (e.g., Netskope).
  • Strong knowledge of security frameworks, including CIS Benchmarks, NIST 800-53, DISA STIGs, and ISO 27001.
  • Proficiency in scripting languages (e.g., PowerShell, Python, Bash) for automation and compliance enforcement.
  • Experience with security configuration auditing and assessment tools (e.g., SCAP, Nessus, Tenable, Qualys).
  • Strong problem-solving, analytical, and communication skills.
  • Master’s degree or equivalent practical experience

Preferred Languages and Certifications:

  • Industry certifications such as CISSP, CISM, CISA, or relevant vendor-specific certifications (AWS Security, Microsoft Security, etc.) are preferred.
  • English, Korean, and Mandarin

Expected salary:

Location: 서울시

Posting date: Wed, 21 May 2025 07:26:00 GMT

Artia13

Since 1998, I have pursued a constant introspection that has led me to analyze the mechanisms of information, manipulation, and symbolic power. My commitment is clear: to defend the truth, equip citizens, and secure digital spaces. A specialist in media analysis, sensitive investigations, and cybersecurity, I put my skills at the service of educational and social projects through the Artia13 association. I am described as someone methodical, committed, intuitive, and clear-sighted. I deeply believe that an informed society is a freer society.