Lead Vulnerability Management Security Engineer

At Deckers Brands, Together, Every Step is a promise kept that every employee can bring their authentic self, is valued and supported, as a whole person, at work and beyond. Together, Every Step is how we continue to deliver exceptional business results, experience an amazing place to work, and have a positive impact on the communities and world around us.

Job Title:
Lead Vulnerability Management Security Engineer

Reports to:
Dir, Security Engineering

Location:
United States (Remote)

Interested applicants must reside in one of the following approved states: Arizona, California, Colorado, Indiana, Massachusetts, Minnesota, New York, Oregon, Pennsylvania, Texas, Utah, Washington

The Role
As the Lead Vulnerability Management Security Engineer, you'll be at the heart of Deckers Brands' commitment to safeguarding our people, products, and platforms. You'll set the strategic direction for vulnerability management, collaborating with cross-functional teams to identify, assess, and remediate security risks. Your expertise will help shape our security standards, drive the adoption of advanced technologies, and ensure our environment is resilient against emerging threats. This is a unique opportunity to make a meaningful impact—protecting our business, empowering our teams, and building trust with our customers worldwide.

We celebrate diversity--of your background, your experiences and your unique identity. We are committed to ensuring an inclusive and equitable workplace where all of our employees can Come as They Are. We believe that when we bring our different perspectives to work, we are truly Better Together.
Your Impact

• Lead the review and analysis of vulnerability data to identify trends, patterns, and key risks across Deckers' global environment
• Facilitate vulnerability management meetings and drive risk-based discussions to prioritize and accelerate remediation efforts
• Advise and support remediation teams in developing actionable plans to address vulnerabilities and strengthen our security posture
• Perform risk-based assessments for both on-premise and cloud-based services, ensuring robust protection for critical assets
• Integrate advanced security technologies and automation tools to enhance threat detection and response capabilities
• Build and present business cases for adopting new security solutions to mitigate emerging risks
• Develop, consolidate, and maintain security metrics to measure the effectiveness of our cybersecurity program
• Apply industry-leading frameworks (NIST, ISO27001/2, CIS Top 20 Controls) to establish and maintain best-in-class security measures
• Foster strong relationships with technical teams, serving as a trusted advisor and championing a culture of security awareness
• Contribute to the strategic direction of the Technical Security team by designing and implementing tools that enhance customer trust and detect suspicious activity

Who You Are

• BA/BS degree or equivalent experience in a relevant field
• Security professional certification (CISSP, CVA, GEVA, or similar) preferred
• 4+ years of hands-on experience in vulnerability management, including scanning, assessment, and remediation
• Proven success in starting and growing a vulnerability management program
• Proficiency with leading vulnerability management tools (Tenable, CrowdStrike) and scripting/automation languages (PowerShell, Python)
• Deep understanding of security frameworks and compliance standards (NIST, ISO27001/2, CIS Top 20 Controls, PCI-DSS, HIPAA)
• Strong analytical skills to identify patterns, trends, and actionable insights from complex vulnerability data
• Excellent communication skills for reporting and stakeholder engagement
• Collaborative mindset with the ability to serve as a trusted advisor across cross-functional teams
• Self-driven, strategic thinker with a passion for advancing cybersecurity programs

What We'll Give You –

• Competitive Pay and Bonuses - We've created a variety of competitive compensation programs to foster career development, reward success and to show our employees just how much they're valued.
• Financial Planning and wellbeing - No matter what financial goals our employees have set, we want to help them get there. Our plans provide powerful ways to protect income, pay for expenses and invest in the future.
• Time away from work - Sometimes we need time away to be with family, focus on our health or just simply recharge. Our plans support our employees' needs to get out, get healthy and come back stronger than ever.
• Extras, discounts and perks - Being a valued member of the Deckers Brands team means more than just a paycheck. From generous discounts to community-based programs, we offer a variety of cool extras
• Growth and Development - Deckers Brands was built on the idea of pursuing passion. That's why we offer extensive opportunities and support for personal and professional development.
• Health and Wellness - There's nothing basic about our comprehensive health and wellness programs and offerings. While at work and at play, we aim to support a healthy lifestyle.

$120,000 - $130,000
The salary range posted reflects the minimum and maximum target for new hire salaries for this role in our Goleta, CA location. Individual pay will be determined by location and additional factors, including job related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary for your preferred location during the hiring process.

Equal Employment Opportunity
Diversity and inclusion are key to our success. We are proud to be an equal opportunity employer, and our employees are people with different strengths, experiences and backgrounds who share a passion for our brands. We welcome qualified applicants regardless of their race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, military or veteran status, mental or physical disability, medical condition and all the other beautiful parts of your identity.