Vulnerability & Application Security Manager at Sysco: Secure Our Future Together

Role Overview

Sysco is seeking a highly skilled and motivated Vulnerability & Application Security Manager to safeguard our digital assets and ensure the security of our infrastructure and applications. As a key member of our cybersecurity team, you will be responsible for leading and evolving our vulnerability management and application security programs. This is a hands-on role that requires a strategic thinker with a strong technical background and the ability to effectively communicate complex security concepts to both technical and non-technical audiences. You will play a critical role in protecting Sysco from cyber threats and ensuring the confidentiality, integrity, and availability of our data.

A Day in the Life

As Vulnerability & Application Security Manager, your day-to-day activities will include: * **Vulnerability Scanning and Assessment:** Conducting regular vulnerability scans of our infrastructure and applications using tools like Tenable, Wiz, and Armis. Analyzing scan results to identify and prioritize vulnerabilities based on their severity and potential impact. * **Remediation Coordination:** Working with IT and development teams to coordinate the remediation of identified vulnerabilities. Tracking remediation progress and ensuring that vulnerabilities are addressed in a timely manner. * **SDLC Integration:** Integrating security into the Software Development Life Cycle (SDLC) by conducting SAST/DAST/SCA scans, performing threat modeling exercises, and collaborating with developers on secure coding practices. * **Threat Modeling:** Leading threat modeling sessions to identify potential security risks in our applications and systems. Developing mitigation strategies to address these risks. * **Security Tool Management:** Managing and maintaining our security tools, ensuring that they are properly configured and up-to-date. Evaluating new security technologies and making recommendations for improvements to our security infrastructure. * **Security Awareness Training:** Developing and delivering security awareness training to employees to educate them about security threats and best practices. * **Incident Response:** Participating in incident response activities, including investigating security incidents, identifying root causes, and implementing corrective actions. * **Compliance:** Ensuring that our security practices comply with relevant regulations and standards, such as OWASP, NIST, PCI-DSS, and HIPAA. * **Reporting:** Developing and presenting reports on vulnerability management and application security metrics to senior management. * **Staying Current:** Keeping up-to-date with the latest security threats, vulnerabilities, and technologies.

Why Houston, Texas?

Houston, Texas, is a vibrant and diverse city with a thriving economy and a strong job market. As the fourth-largest city in the United States, Houston offers a wide range of cultural attractions, entertainment options, and outdoor activities. The city is home to a number of major corporations, including Sysco, providing ample opportunities for career growth and advancement. Houston also boasts a relatively low cost of living compared to other major cities in the United States, making it an attractive place to live and work. Furthermore, Houston is a hub for technology and cybersecurity, with a growing community of professionals and organizations focused on protecting critical infrastructure and data. This provides access to a wealth of resources and networking opportunities for cybersecurity professionals.

Career Path

The Vulnerability & Application Security Manager role at Sysco offers a clear career path for advancement within the cybersecurity organization. With proven experience and leadership skills, you can advance to roles such as: * **Senior Security Manager:** Overseeing multiple security domains and leading a team of security professionals. * **Director of Security:** Responsible for the overall security strategy and operations of the organization. * **Chief Information Security Officer (CISO):** Leading the organization's cybersecurity efforts and reporting directly to senior management. Sysco is committed to providing employees with opportunities for professional development and growth. We offer a variety of training programs and resources to help you advance your career.

Salary & Benefits

The estimated salary range for the Vulnerability & Application Security Manager role at Sysco in Houston, Texas is $130,000 to $180,000 per year. The actual salary will be determined based on your experience, skills, and qualifications. Sysco also offers a comprehensive benefits package, including: * Comprehensive health insurance (medical, dental, vision) * Life insurance * Disability insurance * Paid time off (PTO) * Paid holidays * 401(k) retirement plan with company match * Employee stock purchase plan * Flexible spending accounts (FSA) * Health savings accounts (HSA) * Employee assistance program (EAP) * Wellness programs * Tuition reimbursement * Professional development opportunities * Employee discount programs For more information on Sysco’s benefits, please visit [https://SyscoBenefits.com](https://SyscoBenefits.com).

Sysco Culture

Sysco is a global leader in foodservice distribution, with a strong commitment to our customers, our employees, and our communities. We are a company that values integrity, teamwork, and innovation. We offer our colleagues the opportunity to grow personally and professionally, to contribute to the success of a dynamic organization, and to serve others in a manner that exceeds their expectations. We are looking for talented, hard-working individuals to join our team. Come grow with us and let us show you why Sysco is at the heart of food and service. Sysco is an equal opportunity employer and is committed to creating a diverse and inclusive work environment. We encourage applications from all qualified individuals, regardless of race, ethnicity, religion, gender, sexual orientation, age, disability, or veteran status.

How to Apply

If you are interested in applying for the Vulnerability & Application Security Manager role at Sysco, please visit our careers website at [Sysco Careers](SyscoBenefits.com) and submit your application online. Please include a resume and cover letter highlighting your relevant experience and qualifications. ## Frequently Asked Questions (FAQ) **1. What are the key responsibilities of a Vulnerability & Application Security Manager at Sysco?** The Vulnerability & Application Security Manager is responsible for leading and evolving Sysco's security posture across infrastructure and applications. This includes vulnerability scanning and assessment, remediation coordination, SDLC integration, threat modeling, security tool management, and compliance. **2. What qualifications are required for this role?** Candidates should have a Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field, along with 7+ years of experience in cybersecurity, including at least 2 years in a leadership role or vulnerability management. Relevant certifications such as CISSP, CISM, OSCP, or GIAC are also required. **3. What tools and technologies should I be familiar with?** Strong knowledge of vulnerability management tools (e.g., Tenable, Wiz, Armis) is essential. Experience with SAST/DAST/SCA scanning methodologies, threat modeling, cloud platforms (AWS, Azure, GCP), and container security is also highly desirable. **4. What is the company culture like at Sysco?** Sysco is a global leader in foodservice distribution that values integrity, teamwork, and innovation. The company is committed to providing employees with opportunities for personal and professional growth in a diverse and inclusive work environment. **5. What are the benefits of working at Sysco?** Sysco offers a comprehensive benefits package, including health insurance, life insurance, disability insurance, paid time off, a 401(k) retirement plan, and tuition reimbursement. **6. What opportunities are there for career advancement?** Sysco offers a clear career path for advancement within the cybersecurity organization. With proven experience and leadership skills, you can advance to roles such as Senior Security Manager, Director of Security, or Chief Information Security Officer (CISO). **7. How does Sysco support professional development?** Sysco is committed to providing employees with opportunities for professional development and growth. We offer a variety of training programs and resources to help you advance your career. **8. What is the work environment like in Houston, Texas?** Houston is a vibrant and diverse city with a thriving economy and a strong job market. It offers a wide range of cultural attractions, entertainment options, and outdoor activities. The city is also a hub for technology and cybersecurity, providing access to a wealth of resources and networking opportunities for cybersecurity professionals. **9. How does Sysco ensure diversity and inclusion?** Sysco is an equal opportunity employer and is committed to creating a diverse and inclusive work environment. We encourage applications from all qualified individuals, regardless of race, ethnicity, religion, gender, sexual orientation, age, disability, or veteran status. **10. Where can I find more information about Sysco's benefits?** For more information on Sysco’s benefits, please visit [https://SyscoBenefits.com](https://SyscoBenefits.com). Sysco is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.