Ciena is committed to our people-first philosophy. Our teams enjoy a culture focused on prioritizing a personalized and flexible work environment that empowers an individual’s passions, growth, wellbeing and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.
The Security Organization
Security matters at Ciena. The Security team at Ciena is a tight knit group of skilled professionals who share the same passion for defending the company, our products, and our reputation by building a robust and proactive security program. With the ever-increasing volume and complexity of regulatory requirements, security threats, and customer expectations, we are growing and have exciting work planned.
We are seeking a highly skilled and motivated Project Manager to join our team as a key player in our vulnerability management program. As the Project Manager for Vulnerability Management, you will be responsible for overseeing and driving the identification, analysis, and remediation of security vulnerabilities across our organization. Your role will involve coordinating efforts with cross-functional teams, managing timelines, and ensuring the successful execution of vulnerability management projects.
Responsibilities
Vulnerability Assessment Coordination: Collaborate with the security team to organize and conduct regular vulnerability assessments, penetration tests, and security audits on our systems, networks, applications, and other assets.
Vulnerability Identification and Analysis: Oversee the identification and analysis of vulnerabilities, leveraging vulnerability scanning tools and manual assessments, to prioritize risk and potential impact.
Vulnerability Remediation Management: Work closely with IT and development teams to track and facilitate the remediation of identified vulnerabilities within agreed-upon timeframes. Monitor the progress and escalate issues when necessary.
Project Planning and Execution: Develop detailed project plans, including timelines, milestones, and resource requirements, to ensure the effective and timely execution of vulnerability management initiatives.
Cross-functional Collaboration: Collaborate with various teams, including IT, Security Operations, Development, and Compliance, to promote a cohesive approach to vulnerability management across the organization.
Risk Management: Evaluate the business risks associated with identified vulnerabilities and assist in developing risk mitigation strategies.
Reporting and Metrics:Provide regular reports and metrics to key stakeholders, such as management and executive teams, highlighting the current state of vulnerabilities, ongoing remediation efforts, and improvements in the security posture.
Security Awareness and Training: Contribute to the development and delivery of security awareness and training programs to enhance the understanding of security risks and best practices within the organization.
Continuous Improvement: Stay updated on the latest security trends, vulnerabilities, and industry best practices to continuously improve the vulnerability management program.
Project Planning and Initiation: Collaborate with stakeholders to define project scope, objectives, and deliverables. Develop comprehensive project plans, including timelines, resource allocation, and risk assessments.
Project Execution and Monitoring: Lead and manage the execution of cybersecurity projects, ensuring that all tasks and activities are completed as planned. Monitor project progress, identify and address potential roadblocks, and make necessary adjustments to achieve project goals.
Team Leadership: Build and lead cross-functional teams, including cybersecurity specialists, analysts, engineers, and other relevant stakeholders. Foster a collaborative and productive team environment to ensure the successful delivery of projects.
Resource Management:Optimize the allocation of resources, including personnel, technology, and budget, to maximize project efficiency and effectiveness.
Vendor and Stakeholder Management: Work with external vendors and manage relationships with third-party cybersecurity service providers. Collaborate with internal and external stakeholders to ensure alignment and support for project objectives.
Compliance and Standards: Ensure that cybersecurity projects adhere to relevant industry standards, regulations, and internal security policies.
Qualifications and Requirements:
Bachelor's degree in Computer Science, Information Security, or related field. A relevant Master's degree is a plus.
Proven experience (5 years) as a Project Manager, preferably in the cybersecurity or information security domain.
Strong understanding of vulnerability management practices, tools, and methodologies.
Strong experience in Agile project management methodologies (Scrum, Kanban) with knowledge and understanding of Agile coaching principles and practices.
Proven track record of successfully managing Agile projects and delivering results with the ability to plan, execute, and monitor multiple projects simultaneously.
Familiarity with vulnerability scanning tools, such as Nessus, Qualys, Rapid7 or similar.
Proficiency with JIRA, Confluence, and Office 365 for project management and documentation.
Knowledge of common security frameworks (e.g., NIST, CIS, ISO) and industry standards.
Strong communication skills to convey technical information to both technical and non-technical stakeholders.
Ability to lead and collaborate effectively with cross-functional teams.
Security certifications such as CISSP, CISM, or PMP are advantageous.
Agile/Scrum certifications such as CSM, CSPO, A-CSM, A-CSPO, CSP-SM, and/or CSP-PO are preferred.
In-depth knowledge of cybersecurity principles, best practices, and industry standards.
Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework, ISO 27001, or CIS Controls.
Experience managing a diverse team of cybersecurity professionals.
Strong project management skills, including planning, execution, risk management, and resource allocation.
#LI-SM
#LI-MP1