Make your mark at the world's largest HVAC company Daikin Applied is seeking a talented Vulnerability Management Program Manager. The Vulnerability Management Owner (VMO) will be responsible for the oversight and leadership of the Enterprise Vulnerability Management Program (VMP). The VMO will be responsible for overseeing the program's lifecycle, setting strategic direction, generating intellectual property, and collaborating with cross-functional teams to meet and exceed program objectives. Come be a part of an exciting journey at Daikin Applied, where innovation and excellence drive our every endeavor! Location: Plymouth, MN - on-site What you will do: Develop and implement the overall strategic plan for the vulnerability management program (VMP), ensuring alignment with the company strategic direction Approve strategic program decisions for final decision making on program strategy, governed by the VMP policy and making strategic plan recommendations to next-level manager Collaborate with and manage a team of security analysts to complete multiple phases of the program, including intake, prioritization, testing, deployment, validation, and reporting Where necessary, make staffing plans to accommodate the VMP as it scales to meet Daikin's needs Identify and resolve operational issues, making recommendations to the VMP Governance team and senior management, as necessary Ensure the vulnerability management program is compliant with ISO 27001 and CMMC frameworks and all applicable regulations and contractual requirements Proactively address vulnerabilities in the environment to reduce organizational risk to critical systems and processes Report to asset owners (IT and OT/Facilities) and security program leadership on the status of vulnerability management and remediation efforts Maintain the program budget to ensure effective allocation of resources to achieve program objectives. This may include managing moderate financial risks and interacting with senior leadership Oversee the development, maintenance, and continual improvement of vulnerability management infrastructure, initiatives, integration, processes, and technical assessment support Drive automation of vulnerability management tools and processes to enhance efficiency, applying operational policies when selecting these solutions Classify and prioritize the risk of new vulnerabilities based on the Daikin environment Generate intellectual property, such as creating a list of known risks and vulnerabilities within Daikin's environment in order to properly remediate threats Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities Coordinate vulnerability management actions and POA&M actions with assets owners Compile daily, weekly, monthly, and annual vulnerability metrics associated with affected and non-compliant assets Provide hands-on technical direction to deliver problem, solution, tactical, and break-fix capability, as necessary Direct the execution of the VMP, including the delivery of enterprise-wide vulnerability assessments and targeted penetration testing Research and investigate new and emerging vulnerabilities, including Zero Day events, assess against risk to the corporate and production environments, and participate in external security communities What's in it for you: Medical/Dental/Vision coverage, PTO, 401K match, support for community involvement and much more The ability to make an impact and shape your career with a company that is passionate about growth The support of an organization that believes it is vital to include and engage diverse people, perspectives, and ideas to achieve our best Minimum Qualifications: Bachelors Degree in Computer Science, Information Systems, Computer Engineering, Cybersecurity, Information Security or an equivalent combination of relevant education and experience 8+ years of experience in threat & vulnerability mgmt. 4 years of management experience Advanced understandi g of cybersecurity frameworks such as NIST 800-53, ISO 27001, and CMMC Work visa sponsorship is not available for this position Preferred Qualifications: 10+ years of experience in Cybersecurity M&A integration, Cybersecurity project management, Security risk assessment or audit Information Security professional certifications such as Certified Information on Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Shared Assessments Certified Third Party Risk Professional (CTPRP) or Certified Third-Party Risk Assessor (CTPRA), Information Systems Security Architecture Professional (ISSAP), Information Systems Security Engineering Professional (ISSEP) #LI-RS1, #LI-onsite Equal Opportunity Employment: It is the policy of Daikin Applied to provide equal employment opportunity (EEO) to all persons regardless of race, creed, color, religion, gender, gender identification, sexual orientation, age, national origin, disability, protected veteran status, genetic information, marital status, membership or activity in a local commission, or any other characteristic protected by federal, state or local law.