Position Overview: The System Engineer (Vulnerability Management) works to protect data and system integrity with approved vulnerability scanning and patch management. This position reports to the Vulnerability Management Department Manager, works closely with other Network Security Engineers and Information Services personnel to ensure appropriate controls are in place and that security policies are being effectively employed. RESPONSIBILITIES AND DUTIES: Information Security Threat and Vulnerability Management
- Responsible for all aspects of systems infrastructure including, but not limited to, project planning, technology development, and root cause analysis.
- Perform security data analytics; identify and address potential data loss channels; stay apprised of potential security challenges through the gathering and processing of cyber intelligence.
- Work with distributed IT Community to select and deploy technical controls to meet specific security requirements, defines processes, and standards to ensure that security configurations are maintained.
- Serve as Information Security & Risk Management liaison between corporate and technical communities focusing on creating NIST inspired information security programs for all manner of financial transfers.
- Work with International Teams for multi-level implementations and security awareness across different time zones.
- Generated and Complied Cyber Security based on SOX, FDIC, ITIL, AGILE, PCI/DSS and many other requirements and standards based on needs of business line.
IT Governance metrics and reporting
- Oversee Remediation Activities:
- Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
- Recommend appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions.
- Validate remediation by reviewing application updates or deployed mitigations to verify resolution.
- Stakeholder Consulting:
- Provide security oversight services with an understanding of OSI Model.
- Cultivate effective working relationships with multiple application stakeholders.
- Performs duties & responsibilities as assigned by supervisor
- Bachelor's degree in a related field and/or a minimum of 3-5+ years of experience in Information Technology
- Operational awareness and ability to thrive in a multiple application environment.
- Experience with vulnerability scanners and patch management to create custom jobs. (Nessus, SCCM, Ivanti, Cisco, Jamf preferred).
- Strong analytical skills to identify current and potential security threats.
- Ability to apply business and technology context to vulnerability scans.
- Ability to prioritize threat results as well as daily tasks.
- A solid understanding of network design and architecture.
- Experience in scripting (PowerShell, VBScript, Python).
- Excellent written and verbal communication.
- Excellent problem solving and troubleshooting skills.
- Experience with multiple versions of Windows/Mac operating systems.
- Security certifications are a plus (e.g. CISSP, A+, MCSE).