Information Security Engineer - Vulnerability Management III

Overview

Job Title:

Information Security Engineer - Vulnerability Management III

Location:

Remote

• Must Have
• Brinq

• Excellent communication and presentation skills, and a proven background of presenting to senior leaders, large groups, etc. on relevant matters pertaining to large projects and impacting key functionality.
• Lead and Implementation Experience
• Performing referral to principle
• Proven consistent experience in vulnerability management, security engineering, security consulting etc
• Proven experience with proactive threat management, research, escalation, discovery etc.
• Security
• Solid understanding of popular security tooling and understanding of security architecture/interconnectedness of processes and tooling.

• CISSP, CISA, CISM, AWS Solutions Architect certifications
• GRC/audit management experience
• Scripting/automation experience – python preferred
• Solid proven experience with tooling such as Qualys, Brinqa, Archer, Service
  
  NOW, Checkmarx, Prisma (and any AWS experience is great as well)

• Responsible for performing all functions required to support day-to-day data security operations and accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents.
• Define, deliver, and support enterprise security tools and architecture in collaboration with other teams.
• Enhance the Bank's network vulnerability management program for in-scope subsidiaries and affiliates.
• Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program.
• Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities.
• Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation.
• Proactively monitor and investigate security alerts from managed security service providers and in-house security tools.
• Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems.
• Support ad hoc requests for reporting and control evidence, as needed.
• Perform threat analysis and incident response by interpreting events.
• Support the Bank's operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program.
• Share knowledge and industry best practices with team members.
• Serve as a security engineer/consultant on projects.

• Competitive base salary
• Medical, dental, and vision insurance coverage
• Optional life and disability insurance provided
• 401(k) with a company match and optional profit sharing
• Paid vacation time
• Paid Bench time
• Training allowance offering
• You’ll be eligible to earn referral bonuses!