"Alerted.org

Job Description:

Position Summary

We are seeking a highly skilled Senior Manager of Vulnerability Automation to lead efforts in automating and operationalizing vulnerability data and translating it into actionable risk mitigation plans across applications and infrastructure. This role demands expertise in advanced automation for large-scale vulnerability data and engineering backlog management systems, secure development practices, vulnerability analytics, and cross-functional collaboration with engineering teams. The ideal candidate is both technically proficient and business-minded, capable of driving measurable improvements to our application security posture through automation at scale.

Key Responsibilities

+ Automate and optimize the use of tools such as Rapid7 InsightVM, Microsoft Defender, GitHub Advanced Security, Secure Now, and other scanning or vulnerability aggregation platforms

+ Organize and automatically correlate vulnerability data to highlight prioritized, logically grouped recommendations for remediation.

+ Aggregate and normalize large data sets across platforms and leverage connectors to push data downstream automatically

+ Build and maintain Excel-based tracking tools and Power BI dashboards to monitor trends, patch status, and KPIs over time automatically

+ Communicate security posture to both technical and executive stakeholders with clarity and attacker perspective focus

+ Champion Secure-by-Design and Defense-in-Depth principles throughout the software development lifecycle.

+ Engage with product and engineering teams to recommend actionable remediation paths that align with dev timelines.

+ Apply OWASP (e.g., Top 10, ASVS) and MITRE ATT&CK/CWE frameworks to evaluate and communicate threats and control gaps automatically

+ Collaborate in building or refining application security standards based on industry best practices.

+ Leverage Microsoft Defender, Rapid7, and asset inventories to automatically track how outdated operating systems or unpatched components impact application layer vulnerabilities.

+ Contribute to asset classification and patch prioritization strategies.

About Walgreens

Founded in 1901, Walgreens (www.walgreens.com) has a storied heritage of caring for communities for generations and proudly serves nearly 9 million customers and patients each day across its approximately 8,500 stores throughout the U.S. and Puerto Rico, and leading omni channel platforms. Walgreens has approximately 220,000 team members, including nearly 90,000 healthcare service providers, and is committed to being the first choice for retail pharmacy and health services, building trusted relationships that create healthier futures for customers, patients, team members and communities.

Walgreens is the flagship U.S. brand of Walgreens Boots Alliance, Inc. (Nasdaq: WBA), an integrated healthcare, pharmacy and retail leader. Its retail locations are a critical point of access and convenience in thousands of communities, with Walgreens pharmacists playing a greater role as part of the healthcare system and patients care teams than ever before. Walgreens Specialty Pharmacy provides critical care and pharmacy services to millions of patients with rare disease states and complex, chronic conditions.

The actual salary an employee can expect to receive, plus bonus pursuant to the terms of any bonus plan if applicable, will depend on experience, seniority, geographic location, and other factors permitted by law. To review benefits, please visit jobs.walgreens.com/benefits More Company information is available at www.walgreensbootsalliance.com.

**Job ID:** 1611095BR

**Title:** Senior Principal Security Engineer (Vulnerability Automation)

**Company Indicator:** Walgreens

Employment Type:

**Job Function:** Information Technology

**Full Store Address:** 102 WILMOT RD,DEERFIELD,IL 60015

**Full District Office Address:** 102 WILMOT RD,DEERFIELD,IL,60015-05104-01102-2

External Basic Qualifications:

+ Bachelor’s degree and at least 6 years of experience in IT Security OR a High School Diploma/GED and at least 9 years of experience in IT Security

+ At least 5 years of experience with security/cyber forensics, threat hunting, incident response analysis, and/or Information security consulting

+ Experience establishing & maintaining relationships with individuals at all levels of the organization, including the executive level.

+ Experience diagnosing, isolating, and resolving complex issues and recommending and implementing strategies to resolve problems"

+ Experience leading cross-functional teams

+ At least 2 years of experience contributing to financial decisions in the workplace.

+ At least 3 years of direct leadership, indirect leadership and/or cross- functional team leadership.

+ Willing to travel up to 10% of the time for business purposes (within state and out of state)

Preferred Qualifications:

+ 5+ years of experience in application security, vulnerability management, or secure software engineering.

+ Strong knowledge of automation engineering and vulnerability scanning tools, especially Rapid7 InsightVM and Microsoft Defender.

+ Strong proficiency in Excel (pivot tables, lookups, data modeling) and Power BI.

+ Demonstrated experience translating raw security data into clear, prioritized, and contextualized risk metrics automatically

+ Deep understanding of OWASP, MITRE ATT&CK, and CWE frameworks.

+ Experience working with engineering teams to remediate findings

+ Familiarity with software and OS lifecycle management and how it impacts application security.

+ Background in software development or scripting (e.g., Python, PowerShell)

+ Experience in regulated environments (e.g., PCI, HIPAA).

+ Knowledge of asset management and CMDB platforms (e.g., ServiceNow).

+ Industry certifications such as GWAPT, OSWE, CSSLP, or CISSP with a focus on AppSec.

Why Join Us?

+ Help shape a security-first engineering culture.

+ Work with experienced teams in security, IT, and product development.

+ Contribute to meaningful improvements in application security across a complex and evolving enterprise landscape.

We will consider employment of qualified applicants with arrest and conviction records.

Shift:

Store: