Job Title: Information Security Engineer - Vulnerability Management IIILocation: RemoteTOP SKILLS:Must HaveBrinqExcellent communication and presentation skills, and a proven background of presenting to senior leaders, large groups, etc. on relevant matters pertaining to large projects and impacting key functionality.Lead and Implementation ExperiencePerforming referral to principleproven consistent experience in vulnerability management, security engineering, security consulting etcProven experience with proactive threat management, research, escalation, discovery etc.SecuritySolid understanding of popular security tooling and understanding of security architecture/interconnectedness of processes and tooling.Nice To HaveCISSP, CISA, CISM, AWS Solutions Architect certificationsGRC/audit management experienceScripting/automation experience - python preferredSolid proven experience with tooling such as Qualys, Brinqa, Archer, ServiceNOW, Checkmarx, Prisma (and any AWS experience is great as well)What You'll DoResponsible for performing all functions required to support day-to-day data security operations and accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents.Primary Responsibilities:Define, deliver, and support enterprise security tools and architecture in collaboration with other teams.Enhance the Bank's network vulnerability management program for in-scope subsidiaries and affiliates.Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program.Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities.Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation.Proactively monitor and investigate security alerts from managed security service providers and in-house security tools.Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems.Support ad hoc requests for reporting and control evidence, as needed.Perform threat analysis and incident response by interpreting events.Support the Bank's operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program.Share knowledge and industry best practices with team members.Serve as a security engineer/consultant on projects.What You'll GetCompetitive base salaryMedical, dental, and vision insurance coverageOptional life and disability insurance provided401(k) with a company match and optional profit sharingPaid vacation timePaid Bench timeTraining allowance offeringYou'll be eligible to earn referral bonuses!
