- Please document qualifications on resume.
Required Qualifications:
-
Bachelor’s degree and 4 years of relevant work experience or a Master's degree plus at least two years of experience.
-
At least 2 years of experience in one or more of the following:
-
Vulnerability Management
-
Systems Administration
-
Experience providing consultative guidance to diverse teams
-
Current technical knowledge and understanding of threats, emerging threats, and vulnerabilities.
-
Proficiency in STIGs, CIS benchmarks, and NIST frameworks for system hardening.
-
Demonstrated ability to manage projects and/or programs, including prioritization of efforts.
-
Excellent communication (oral, written, presentation), interpersonal, and consultative skills.
Preferred Qualifications:
-
Strong understanding of vulnerability management best practices and familiarity with relevant frameworks (CVSS, OWASP Top 10).
-
Experience with vulnerability management governance structures in a large/decentralized organization.
-
Knowledge or experience with relevant information security and regulatory frameworks such as CIS, PCI, HIPAA, NIST, CMMC
-
One or more relevant security related certifications (e.g. GSEC, Security+).
-
Coding/scripting experience (e.g. python, powershell, etc.).
-
Experience with deployment, maintenance and use of vulnerability scanning and testing tools (Rapid7, Tenable, Qualys or others).
-
Demonstrated process improvement and/or process design experience, including supporting technical documentation
At the University of Minnesota, we are dedicated to changing lives through education, research, and outreach. The University Information Security department (UIS) offers an environment of trust, collaboration, and mission-focused work. We seek an individual who will be responsible for providing guidance and support to the broader University IT community in detecting and addressing security vulnerabilities. This position will manage University vulnerability management tools and provide risk-based prioritization and consultative support to IT staff detecting and remediating security vulnerabilities to maintain compliance with information security policy.
Job Responsibilities:
-
Engineer solutions and maintain the University-wide vulnerability management program.
-
Develop and manage remediation activities by ensuring departments mitigate vulnerabilities in a
timely manner based on risk. -
Build integration and automation for vulnerability management tasks.
-
Define vulnerability analysis, resolution strategy, and provide input to mitigation proposals.
-
Initiate scans and other testing mechanisms as needed.
-
Engineer technical solutions to manage exposure to vulnerabilities.
-
Collaborate with distributed IT staff and system owners to help them interpret results, validate
false-positives, and apply patches and remediations. -
Consult with system administrators to understand the operational impact and effort associated
with mitigations. -
Prioritize and design various vulnerability management tool functions and features.
-
Develop metrics to measure the effectiveness of the vulnerability management program and
mitigation strategies. -
Evaluate and implement technical options for enhanced visibility and decision-making by
stakeholders at multiple levels. -
Interface, influence, and engage the University’s IT community to promote vulnerability
management across various levels of the organization. -
Provide guidance to comply with University policy and other relevant frameworks.
-
Document, manage, and perform auditable procedures.
-
Maintain strong knowledge of vulnerability management best practices and familiarity with
relevant frameworks (CVSS, OWASP Top 10). -
Escalate security issues where appropriate.
The University of Minnesota is committed to fostering local talent through employment opportunities. While this position utilizes a predominantly remote work modality, prospective applicants must be located either in the state of Minnesota or near the Wisconsin border or otherwise open to relocation.
Please note, this position is not eligible for H-1B or Green Card sponsorship.
We Offer:
-
University paid contribution (10% of your salary) to your retirement account - vested immediately.
-
22 paid vacation days per year, in addition to sick leave and 12 paid holidays.
-
Reduced tuition opportunities covering 75% - 100% of eligible tuition.
-
Excellent and affordable health care benefits (2023 Enrollment Guide).
-
Wellbeing program with opportunity to earn lower health care rates.
-
Free disability insurance and employer-paid life insurance.
-
Public Service Loan Forgiveness (PSLF) opportunity.
-
Financial counseling services.
-
Employee Assistance Program with eight sessions of counseling at no cost.
-
Employee Transit Pass with free or reduced rates in the Twin Cities metro area.
-
Annual merit increase program.
The Office of Information Technology (OIT) is the University's central IT unit and provides enterprise-level technologies and services that are broadly consumed, core to central administrative business operations, and tend to offer substantial economies of scale. We are part of a larger ecosystem of IT professionals who work in academic and support units systemwide. Local or collegiate IT units often offer discipline-specific, niche, and complementary services to the OIT central services.
Applications must be submitted online. To be considered for this position, please click the Apply button and follow the instructions. You will have the opportunity to complete an online application for the position and attach a cover letter and resume or CV.
Required application materials: resume and cover letter.
This position will remain open until filled.
To request an accommodation during the application process, please e-mail [email protected] or call (612) 624-8647.
The University recognizes and values the importance of diversity and inclusion in enriching the employment experience of its employees and in supporting the academic mission. The University is committed to attracting and retaining employees with varying identities and backgrounds.
The University of Minnesota provides equal access to and opportunity in its programs, facilities, and employment without regard to race, color, creed, religion, national origin, gender, age, marital status, disability, public assistance status, veteran status, sexual orientation, gender identity, or gender expression. To learn more about diversity at the U: http://diversity.umn.edu
Any offer of employment is contingent upon the successful completion of a background check. Our presumption is that prospective employees are eligible to work here. Criminal convictions do not automatically disqualify finalists from employment.
The University of Minnesota, Twin Cities (UMTC)
The University of Minnesota, Twin Cities (UMTC), is among the largest public research universities in the country, offering undergraduate, graduate, and professional students a multitude of opportunities for study and research. Located at the heart of one of the nation's most vibrant, diverse metropolitan communities, students on the campuses in Minneapolis and St. Paul benefit from extensive partnerships with world-renowned health centers, international corporations, government agencies, and arts, nonprofit, and public service organizations.
At the University of Minnesota, we are proud to be recognized by Forbes as a Best Employer for Company Culture (2026), Best Employer for Women (2023), and Best Employer by State (2022-2026). In 2026, we also received Culture Excellence & Industry Awards recognition for employee appreciation and work-life flexibility.