IT Security Ops Specialist (Vulnerability Management Tech Lead)

As the Vulnerability Management Lead at Mattel, you will be responsible for leading and delivering day-to-day vulnerability management operations across infrastructure, applications, and cloud environments. Your role will involve a combination of hands-on technical execution and team leadership to ensure vulnerabilities are accurately identified, prioritized, and remediated in alignment with business risk and regulatory expectations. You will provide direct technical leadership to vulnerability analysts and collaborate closely with Security Operations, IT, Engineering, and Application teams to drive remediation accountability and continuous improvement.

• *Roles and Responsibilities:**
• Provide direct technical leadership and day-to-day oversight to Vulnerability Management Analysts for timely, accurate, and risk-based vulnerability identification and remediation.
• Own and manage vulnerability management operations across infrastructure, applications, and cloud environments including scanning, validation, prioritization, and remediation tracking.
• Design, optimize, and maintain vulnerability scanning strategies to maximize coverage and reduce false positives.
• Translate vulnerability data into actionable risk intelligence through automated analytics, dashboards, and reporting aligned to business impact.
• Drive risk-based prioritization of vulnerabilities using exploitability, threat intelligence, asset criticality, and compensating controls.
• Partner with IT, infrastructure, cloud, and application owners to communicate findings, recommend remediation strategies, and influence timely risk reduction decisions.
• Develop and continuously improve vulnerability management runbooks, playbooks, and workflows for operational consistency, audit readiness, and scalability.
• Lead vulnerability assessments, support penetration testing activities, and validate risk reduction.
• Monitor emerging threats, zero-day vulnerabilities, and regulatory changes to enhance detection, prevention, and response processes.
• Promote automation, AI-assisted prioritization, and continuous improvement across vulnerability management workflows.
• Mentor and develop vulnerability analysts to strengthen technical depth, risk analysis capability, and stakeholder engagement skills.
• Provide advanced escalation support for complex vulnerability findings, tool issues, and remediation challenges.
• Work hours may vary, and the position may require availability during off-business hours as needed.
• *Skills and Qualifications Required:**
• 9+ years of experience in cybersecurity with a focus on vulnerability management, security operations, or risk-based security programs.
• Proven experience leading vulnerability management or security operations teams in a global enterprise environment.
• Hands-on experience with vulnerability management platforms such as Qualys VMDR, Tenable.io, or equivalent tools.
• Strong understanding of vulnerability lifecycle management across various environments.
• Experience securing Linux and Windows operating systems across different environments.
• Ability to contextualize vulnerability data using threat intelligence, exploitability, asset criticality, and business risk.
• Strong analytical skills with experience in building dashboards, metrics, and reporting.
• Familiarity with security frameworks and standards such as NIST CSF, ISO 27001, and OWASP Top 10.
• Strong technical leadership, communication, and stakeholder management skills.
• Ability to support after-hours coordination or incident response activities as needed.
• *Preferred:**
• Bachelors degree in computer science, Cybersecurity, Information Technology, or equivalent.
• Security certifications such as Security+, SSCP, CCSP, CySA+, PenTest+, or Cloud+.
• Experience with AI-assisted prioritization and analytics in vulnerability management.
• Familiarity with penetration testing methodologies and remediation validation.
• Background in cloud security across AWS, Azure, and GCP.

This is an exciting opportunity to be part of a purpose-driven company like Mattel that empowers generations to explore childhood wonder and reach their full potential. If you are passionate about cybersecurity and vulnerability management, we encourage you to apply even if you don't meet every single requirement as we value an inclusive workplace and a culture of belonging. As the Vulnerability Management Lead at Mattel, you will be responsible for leading and delivering day-to-day vulnerability management operations across infrastructure, applications, and cloud environments. Your role will involve a combination of hands-on technical execution and team leadership to ensure vulnerabilities are accurately identified, prioritized, and remediated in alignment with business risk and regulatory expectations. You will provide direct technical leadership to vulnerability analysts and collaborate closely with Security Operations, IT, Engineering, and Application teams to drive