IT Security Ops Specialist(Vulnerability Management Tech Lead ) at MattelInc

  The Vulnerability Management Lead is responsible for leading and delivering day-to-day vulnerability management operations across infrastructure, applications, and cloud environments. This role combines hands-on technical execution with team leadership, ensuring vulnerabilities are accurately identified, prioritized, and remediated in alignment with business risk and regulatory expectations.  The Vulnerability Management Lead provides direct technical leadership to vulnerability analysts while partnering closely with Security Operations, IT, Engineering, and Application teams to drive remediation accountability and continuous improvement. Operating within a global delivery model, this role collaborates with U.S.-based Vulnerability Management leadership and serves as a key execution and escalation point to ensure consistency, scale, and resilience of the global vulnerability management program.  In addition to operational ownership, the Vulnerability Management Lead contributes to programming strategy, tooling optimization, automation, and analytics, ensuring the vulnerability management capability evolves alongside emerging threats, technologies, and regulatory requirements.    Roles and Responsibilities  • Provide direct technical leadership and day-to-day oversight to Vulnerability Management Analysts, ensuring timely, accurate, and risk-based vulnerability identification and remediation.  • Own and manage vulnerability management operations across infrastructure, applications, and cloud environments, including scanning, validation, prioritization, and remediation tracking.  • Serve as a key execution partner and escalation point for U.S.-based Vulnerability Management leadership, ensuring continuity of operations and alignment with global program objectives.  • Design, optimize, and maintain vulnerability scanning strategies, including scan schedules, asset inventories, tagging, authentication, and policy tuning to maximize coverage and reduce false positives.  • Translate large-scale vulnerability data into actionable risk intelligence through automated analytics, dashboards, and reporting aligned to business impact and risk tolerance.  • Drive risk-based prioritization of vulnerabilities using exploitability, threat intelligence, asset criticality, and compensating controls rather than CVSS scores alone.  • Partner with IT, infrastructure, cloud, and application owners to communicate findings, recommend remediation strategies, and influence timely risk reduction decisions.  • Track remediation progress, ownership, exceptions, and end-of-life risks, ensuring transparency and accountability across the enterprise.  • Develop, maintain, and continuously improve vulnerability management runbooks, playbooks, and workflows to ensure operational consistency, audit readiness, and scalability.  • Lead vulnerability assessments and support penetration testing activities, translating findings into prioritized remediation actions and validating risk reduction.  • Monitor emerging threats, zero-day vulnerabilities, and regulatory changes, integrating lessons learned into improved detection, prevention, and response processes.  • Promote automation, AI-assisted prioritization, and continuous improvement across vulnerability management workflows.  • Mentor and develop vulnerability analysts, strengthening technical depth, risk analysis capability, and stakeholder engagement skills.  • Provide advanced escalation support for complex vulnerability findings, tool issues, and remediation challenges.  • Work hours may vary, and the position may require alignment with U.S. time zones and availability during critical security events or remediation windows.  • Additional duties may be assigned as necessary to meet the ongoing needs of the organization.  • Work hours may vary, and the position may require availability during off-business hours as dictated by project needs, system changes, or security events.    Skills and Qualifications  Required:  • 9+ years of experience in cybersecurity, with a strong focus on vulnerability management, security operations, or risk-based security programs.  • Proven experience leading or acting as a technical lead for vulnerability management or security operations teams in a global enterprise environment.  • Hands-on experience with vulnerability management platforms such as Qualys VMDR, Tenable.io, or equivalent tools.  • Strong understanding of vulnerability lifecycle management across infrastructure, operating systems, applications, and cloud environments.  • Experience securing Linux and Windows operating systems across on-prem, hybrid, and cloud environments.  • Demonstrated ability to contextualize vulnerability data using threat intelligence, exploitability, asset criticality, and business risk.  • Experience partnering with IT, engineering, and application teams to drive remediation and risk acceptance decisions.  • Hands-on experience with scripting and automation (e.g., Bash, PowerShell, Python, REST APIs).  • Strong analytical skills with experience building dashboards, metrics, and executive-level reporting.  • Familiarity with security frameworks and standards such as NIST CSF, ISO 27001, and OWASP Top 10.  • Strong technical leadership, communication, and stakeholder management skills.  • Ability to support after-hours coordination or incident response activities as needed.    Preferred:  • Bachelor’s degree in computer science, Cybersecurity, Information Technology, or equivalent practical experience.  • Security certifications such as Security+, SSCP, CCSP, CySA+, PenTest+, or Cloud+.  • Experience incorporating AI-assisted prioritization and analytics into vulnerability management processes.  • Familiarity with penetration testing methodologies and validation of remediation effectiveness.  • Experience operating within regulated environments and supporting audit evidence for vulnerability management controls.  • Background in cloud security across AWS, Azure, and GCP.      Shift Timing:   • Work hours may vary, and the position may require availability during off-business hours as dictated by project needs, system changes, or security events.