IT Security Senior Manager

As a leading mountain resort operator with over 40 resorts in sixteen states and four countries. We exist to create an Experience of a Lifetime for our employees, so they can, in turn, provide and Experience of a Lifetime for our guests. We are looking for leaders, innovators, creators, and ambitious professionals to join our talented team. If you’re ready to pursue your fullest potential, we want to get to know you!
 

Many of our Corporate function teams can now live and work in any of the states in which Vail Resorts currently operates* – enabling flexible remote work alongside a commitment to building and maintaining strong culture both in person and virtually. If you’re ready to pursue your fullest potential, we want to get to know you. Find your purpose with us at www.vailresortscareers.com. 

Job Summary

Do you have a passion for cybersecurity and career development?  Do you enjoy automating everything and driving continuous improvement?  Are you looking to join a group of like-minded collaborators leading transformations and delivering the Experience of a Lifetime for employees and guests alike?

If you answered yes, we want you to join our growing team and organization!

The IT Security Senior Manager is responsible for leading IT security operations and engineering and ensuring the security of the organization's technology systems, networks, and data. This role involves maturing cybersecurity strategy, developing leaders, working hands-on, and partnering with IT teams on security and business initiatives.  This position is part of the IT leadership team and reports to the Director of Information Security.

What You’ll Do

Drive a secure technology culture and change management.

Deliver the Experience of a Lifetime for employees and guests.

Serve security analysts, IT partners, and business stakeholders as a cybersecurity leader.

Accelerate and enable strategic business opportunities.

Enhance and mature cybersecurity capabilities.

What You’ll Bring

Aptitude and attitude!

A positive and solution-oriented approach.

Strong technical skills and ability to effectively communicate at all levels.

Your passion, out-front engagement, and expert influence.

Business-first cybersecurity leadership.

Job Specifications:

• Outlet:  Corporate 
• Expected Pay Range: $111,900 - $151,320 + annual bonus
• Shift & Schedule Availability: Full Time, Year Round
• Other Specifics: Remote  

Job Responsibilities

• Security Team Management: Lead, manage, and develop a team of security analysts and engineers, providing guidance, mentoring, and support to ensure effective security operations.
• Security Operations: Oversee the monitoring and analysis of security alerts, incidents, and vulnerabilities, ensuring timely and effective responses.
• Incident Response: Cross-functionally develop and manage an incident response plan and playbooks, and lead response to incidents, including containment, eradication, and recovery.
• Vulnerability Management: Coordinate vulnerability assessments and remediation efforts to minimize risks to the organization's information assets.
• Security Policies and Procedures: Develop, implement, and enforce security policies, procedures, and guidelines to safeguard information assets.
• Security Awareness: Promote security awareness and best practices among employees, including training and education.
• Security Auditing: Participate in and contribute to regular security audits and risk assessments to ensure compliance with security policies and standards and identify improvement opportunities.
• Security Technologies: Manage and utilize security tools such as System Information and Event Management (SIEM), Vulnerability Management, cloud-native security solutions, endpoint detection and response (EDR), and other security software.
• Threat Analysis: Stay updated on emerging cyber threats and vulnerabilities, providing insights and recommendations to enhance security measures and proactively protect the organization.
• Compliance: Drive awareness of and adherence to relevant regulatory requirements and industry standards (e.g., GDPR, PCI, NIST, CIS, OWASP) and provide necessary documentation.
• Security Reporting: Generate security reports, metrics, and incident reports for IT security leadership and stakeholders.  Support the development of executive content and reports.
• Security Documentation: Maintain and update documentation related to security configurations, procedures, and incident response plans and playbooks.
• Collaboration: Work closely with IT teams, management, and external vendors to implement security measures and respond to security incidents.
• Budget and Resource Management: Manage the budget for security operations, allocate resources effectively, and evaluate technology investments.  Develop budget requests.

Job Requirements:

Required

• Bachelor’s degree in information security, computer science, or a related field, or equivalent in education and experience.
• Strong leadership and management skills, including experience in team leadership, developing individual contributors, and serving others.
• Proven experience in IT security, including security monitoring, incident response, vulnerability management, and cloud security operations (AWS, Azure, or GCP).
• High level of technical expertise, ensuring the ability to navigate and troubleshoot complex technical issues.
• Deep knowledge of security standards, frameworks, and best practices (e.g., NIST, CIS, OWASP).
• Proficiency in using security tools and technologies, such as security information and event management (SIEM), threat and vulnerability management, and cloud security systems.
• Strong understanding of network protocols, operating systems, and application security.
• Analytical and problem-solving skills to detect, assess, and respond to security incidents.
• Superb communication and collaboration skills, and a positive and solution-oriented approach.
• Ability to adapt to rapidly changing security threats and technologies.
• Attention to detail and a commitment to maintaining the highest level of security.
• Demonstrated strength in continuous learning and growth.

Preferred

• Relevant certifications (e.g., CISSP, CISM, CISA, Certified Ethical Hacker) highly desired.
• Penetration testing knowledge and experience.
• System and configuration management experience.
• Knowledge of scripting languages (e.g., Python, PowerShell) for automation and customization of security tasks.
• Understanding of DevSecOps principles and practices.

The expected Total Compensation for this role is $111,900 - $151,320 + annual bonus.  Individual compensation decisions are based on a variety of factors.
 

The perks include a free ski pass, and a set of benefits including... 

• Medical, Dental, Vision insurance, and a 401(k) retirement plan  
• Hourly employees are generally eligible for accrued Paid Time Off (PTO) and Sick Time.  Salaried employees are generally eligible for Flexible Time Off (FTO) 
• Paid Parental Leave for eligible mothers and fathers  
• Healthcare & Dependent Care Flexible Spending Accounts  
• Life, AD&D, and disability insurance 

Reach Your Peak at Vail Resorts.  At Vail Resorts, our team is made whole by the brave, passionate individuals who ambitiously push boundaries and challenge the status quo. Whether you’re looking for seasonal work or the career of a lifetime, join us today to reach your peak.  
 

*Remote work is currently permitted from British Columbia and the 16 U.S. states in which we currently operate. This includes: California, Colorado, Indiana, Michigan, Minnesota, Missouri, New Hampshire, New York, Nevada, Ohio, Pennsylvania, Utah, Vermont, Washington State, Wisconsin, and Wyoming. Please note that the ability to work remotely, and the particulars related to such work, are subject to change at any time; and, accordingly, the Company reserves the right to change its policies and/or require in-person/in-office work at any time in its sole discretion.   

Vail Resorts is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status or any other status protected by applicable law.

Requisition ID  499002
Reference Date: 11/17/2023 
Job Code Function: IT Security