5,604 Vulnerability Management jobs in the United States

Vulnerability Management - Security Analyst

94029 Menlo Park, California Meta Inc

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

Vulnerability Management - Security Analyst Meta is seeking a skilled and motivated Security Analyst to join our Vulnerability Management Team. The candidate will be responsible for conducting complex, large-scale vulnerability triage and incident investigations, evaluating and mitigating risks, and collaborating with cross-functional teams to enhance our security posture. This is a team where you will have the opportunity to use analytical skills, experience to driving projects and initiatives to impact the broader security landscape at Meta.You will collaborate closely with highly technical teams, with a broad set of skills to tackle the panoply of challenges that we encounter at Meta scale. Join our mission to enhance Meta's security posture and protect our infrastructure from vulnerabilities. If you are passionate about security and have the skills and experience to make a difference, we encourage you to apply. Vulnerability Management - Security Analyst Responsibilities Identify patterns from recurring vulnerability triaging submissions and raise them for potential automation. Apply advanced concepts and practices to analyze data to assess contextual security risk. Lead complex vulnerability triage and identification efforts to evaluate risks to the company. Leverage tooling, systems, and processes from across the company to drive impactful security outcomes. Proactively communicate with internal and external teams, launching projects that affect the larger vulnerability program. Understand and support the security needs of internal and external stakeholders, regulators, and auditors. Collaborate with cross-functional teams to plan and execute project work and operations and drive improvements to policies, processes, and security tools. Lead in assessing and driving company-wide response to critical vulnerabilities. Fulfill on-call responsibilities or similar support roles for partner programs. Minimum Qualifications 5+ years of experience in conducting vulnerability triage and incident investigation Bachelor’s degree in a related technical field or equivalent experience. Demonstrated experience of understanding of security systems and the capacity to apply security concepts effectively Experience in leading operational and project work for security domains (e.g., malware reversing, authentication systems). Experience with working with leadership and engineers Track record of successfully delivering complex projects and leading vulnerability investigations. High-level understanding of defense-in-depth strategies and self-motivated to identify opportunities. Experience managing competing priorities and simultaneous projects Experience with attacker tactics, techniques, and procedures. Experience making important decisions independently and multi-tasking under pressure. Preferred Qualifications Experience in managing large communication efforts and communicate team missions and goals. Demonstrated experience in explain technical problems clearly to peers and cross-functional teams, providing data-driven feedback and solutions. Practical experience in defense-in-depth strategies and their application. Experience with automation and scripting languages (e.g., Python, Bash). Experience with database query languages. Experience driving changes to processes that can scale across teams and regions and affect organizations outside Security. Demonstrate sustained self-driven productivity and exercise independent judgment in problem-solving. For those who live in or expect to work from California if hired for this position, please click here for additional information. About Meta Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics. $137,000/year to $196,000/year + bonus + equity + benefits Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta. Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here . Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form . Apply for this job Take the first step toward a rewarding career at Meta. Explore jobs that match your skills and experience. Search by technology, team or location to find an opening that’s right for you. Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here . Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form . #J-18808-Ljbffr

View Now

Vulnerability Management - Security Analyst

94025 Menlo Park, California Meta

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

**Summary:**
Meta is seeking a skilled and motivated Security Analyst to join our Vulnerability Management Team. The candidate will be responsible for conducting complex, large-scale vulnerability triage and incident investigations, evaluating and mitigating risks, and collaborating with cross-functional teams to enhance our security posture. This is a team where you will have the opportunity to use analytical skills, experience to driving projects and initiatives to impact the broader security landscape at Meta.You will collaborate closely with highly technical teams, with a broad set of skills to tackle the panoply of challenges that we encounter at Meta scale. Join our mission to enhance Meta's security posture and protect our infrastructure from vulnerabilities. If you are passionate about security and have the skills and experience to make a difference, we encourage you to apply.
**Required Skills:**
Vulnerability Management - Security Analyst Responsibilities:
1. Identify patterns from recurring vulnerability triaging submissions and raise them for potential automation
2. Apply advanced concepts and practices to analyze data to assess contextual security risk
3. Lead complex vulnerability triage and identification efforts to evaluate risks to the company
4. Leverage tooling, systems, and processes from across the company to drive impactful security outcomes
5. Proactively communicate with internal and external teams, launching projects that affect the larger vulnerability program
6. Understand and support the security needs of internal and external stakeholders, regulators, and auditors
7. Collaborate with cross-functional teams to plan and execute project work and operations and drive improvements to policies, processes, and security tools
8. Lead in assessing and driving company-wide response to critical vulnerabilities
9. Fulfill on-call responsibilities or similar support roles for partner programs
**Minimum Qualifications:**
Minimum Qualifications:
10. 5+ years of experience in conducting vulnerability triage and incident investigation
11. Bachelor's degree in a related technical field or equivalent experience
12. Demonstrated experience of understanding of security systems and the capacity to apply security concepts effectively
13. Experience in leading operational and project work for security domains (e.g., malware reversing, authentication systems)
14. Experience with working with leadership and engineers
15. Track record of successfully delivering complex projects and leading vulnerability investigations
16. High-level understanding of defense-in-depth strategies and self-motivated to identify opportunities
17. Experience managing competing priorities and simultaneous projects
18. Experience with attacker tactics, techniques, and procedures
19. Experience making important decisions independently and multi-tasking under pressure
**Preferred Qualifications:**
Preferred Qualifications:
20. Demonstrated experience in explain technical problems clearly to peers and cross-functional teams, providing data-driven feedback and solutions.
21. Experience driving changes to processes that can scale across teams and regions and affect organizations outside Security.
22. Experience with automation and scripting languages (e.g., Python, Bash).
23. Practical experience in defense-in-depth strategies and their application.
24. Experience with database query languages.
25. Experience in managing large communication efforts and communicate team missions and goals.
26. Demonstrate sustained self-driven productivity and exercise independent judgment in problem-solving.
**Public Compensation:**
$137,000/year to $196,000/year + bonus + equity + benefits
**Industry:** Internet
**Equal Opportunity:**
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.
Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at
View Now

Vulnerability Management - Security Analyst

98005 Bellevue, Washington Meta

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

**Summary:**
Meta is seeking a skilled and motivated Security Analyst to join our Vulnerability Management Team. The candidate will be responsible for conducting complex, large-scale vulnerability triage and incident investigations, evaluating and mitigating risks, and collaborating with cross-functional teams to enhance our security posture. This is a team where you will have the opportunity to use analytical skills, experience to driving projects and initiatives to impact the broader security landscape at Meta.You will collaborate closely with highly technical teams, with a broad set of skills to tackle the panoply of challenges that we encounter at Meta scale. Join our mission to enhance Meta's security posture and protect our infrastructure from vulnerabilities. If you are passionate about security and have the skills and experience to make a difference, we encourage you to apply.
**Required Skills:**
Vulnerability Management - Security Analyst Responsibilities:
1. Identify patterns from recurring vulnerability triaging submissions and raise them for potential automation
2. Apply advanced concepts and practices to analyze data to assess contextual security risk
3. Lead complex vulnerability triage and identification efforts to evaluate risks to the company
4. Leverage tooling, systems, and processes from across the company to drive impactful security outcomes
5. Proactively communicate with internal and external teams, launching projects that affect the larger vulnerability program
6. Understand and support the security needs of internal and external stakeholders, regulators, and auditors
7. Collaborate with cross-functional teams to plan and execute project work and operations and drive improvements to policies, processes, and security tools
8. Lead in assessing and driving company-wide response to critical vulnerabilities
9. Fulfill on-call responsibilities or similar support roles for partner programs
**Minimum Qualifications:**
Minimum Qualifications:
10. 5+ years of experience in conducting vulnerability triage and incident investigation
11. Bachelor's degree in a related technical field or equivalent experience
12. Demonstrated experience of understanding of security systems and the capacity to apply security concepts effectively
13. Experience in leading operational and project work for security domains (e.g., malware reversing, authentication systems)
14. Experience with working with leadership and engineers
15. Track record of successfully delivering complex projects and leading vulnerability investigations
16. High-level understanding of defense-in-depth strategies and self-motivated to identify opportunities
17. Experience managing competing priorities and simultaneous projects
18. Experience with attacker tactics, techniques, and procedures
19. Experience making important decisions independently and multi-tasking under pressure
**Preferred Qualifications:**
Preferred Qualifications:
20. Demonstrated experience in explain technical problems clearly to peers and cross-functional teams, providing data-driven feedback and solutions.
21. Experience driving changes to processes that can scale across teams and regions and affect organizations outside Security.
22. Experience with automation and scripting languages (e.g., Python, Bash).
23. Practical experience in defense-in-depth strategies and their application.
24. Experience with database query languages.
25. Experience in managing large communication efforts and communicate team missions and goals.
26. Demonstrate sustained self-driven productivity and exercise independent judgment in problem-solving.
**Public Compensation:**
$137,000/year to $196,000/year + bonus + equity + benefits
**Industry:** Internet
**Equal Opportunity:**
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.
Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at
View Now

Vulnerability Management - Security Analyst

20080 Washington, District Of Columbia Meta

Posted 10 days ago

Job Viewed

Tap Again To Close

Job Description

**Summary:**
Meta is seeking a skilled and motivated Security Analyst to join our Vulnerability Management Team. The candidate will be responsible for conducting complex, large-scale vulnerability triage and incident investigations, evaluating and mitigating risks, and collaborating with cross-functional teams to enhance our security posture. This is a team where you will have the opportunity to use analytical skills, experience to driving projects and initiatives to impact the broader security landscape at Meta.You will collaborate closely with highly technical teams, with a broad set of skills to tackle the panoply of challenges that we encounter at Meta scale. Join our mission to enhance Meta's security posture and protect our infrastructure from vulnerabilities. If you are passionate about security and have the skills and experience to make a difference, we encourage you to apply.
**Required Skills:**
Vulnerability Management - Security Analyst Responsibilities:
1. Identify patterns from recurring vulnerability triaging submissions and raise them for potential automation
2. Apply advanced concepts and practices to analyze data to assess contextual security risk
3. Lead complex vulnerability triage and identification efforts to evaluate risks to the company
4. Leverage tooling, systems, and processes from across the company to drive impactful security outcomes
5. Proactively communicate with internal and external teams, launching projects that affect the larger vulnerability program
6. Understand and support the security needs of internal and external stakeholders, regulators, and auditors
7. Collaborate with cross-functional teams to plan and execute project work and operations and drive improvements to policies, processes, and security tools
8. Lead in assessing and driving company-wide response to critical vulnerabilities
9. Fulfill on-call responsibilities or similar support roles for partner programs
**Minimum Qualifications:**
Minimum Qualifications:
10. 5+ years of experience in conducting vulnerability triage and incident investigation
11. Bachelor's degree in a related technical field or equivalent experience
12. Demonstrated experience of understanding of security systems and the capacity to apply security concepts effectively
13. Experience in leading operational and project work for security domains (e.g., malware reversing, authentication systems)
14. Experience with working with leadership and engineers
15. Track record of successfully delivering complex projects and leading vulnerability investigations
16. High-level understanding of defense-in-depth strategies and self-motivated to identify opportunities
17. Experience managing competing priorities and simultaneous projects
18. Experience with attacker tactics, techniques, and procedures
19. Experience making important decisions independently and multi-tasking under pressure
**Preferred Qualifications:**
Preferred Qualifications:
20. Demonstrated experience in explain technical problems clearly to peers and cross-functional teams, providing data-driven feedback and solutions.
21. Experience driving changes to processes that can scale across teams and regions and affect organizations outside Security.
22. Experience with automation and scripting languages (e.g., Python, Bash).
23. Practical experience in defense-in-depth strategies and their application.
24. Experience with database query languages.
25. Experience in managing large communication efforts and communicate team missions and goals.
26. Demonstrate sustained self-driven productivity and exercise independent judgment in problem-solving.
**Public Compensation:**
$137,000/year to $196,000/year + bonus + equity + benefits
**Industry:** Internet
**Equal Opportunity:**
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.
Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at
View Now

Vulnerability Management - Security Analyst

10176 New York, New York Meta

Posted 10 days ago

Job Viewed

Tap Again To Close

Job Description

**Summary:**
Meta is seeking a skilled and motivated Security Analyst to join our Vulnerability Management Team. The candidate will be responsible for conducting complex, large-scale vulnerability triage and incident investigations, evaluating and mitigating risks, and collaborating with cross-functional teams to enhance our security posture. This is a team where you will have the opportunity to use analytical skills, experience to driving projects and initiatives to impact the broader security landscape at Meta.You will collaborate closely with highly technical teams, with a broad set of skills to tackle the panoply of challenges that we encounter at Meta scale. Join our mission to enhance Meta's security posture and protect our infrastructure from vulnerabilities. If you are passionate about security and have the skills and experience to make a difference, we encourage you to apply.
**Required Skills:**
Vulnerability Management - Security Analyst Responsibilities:
1. Identify patterns from recurring vulnerability triaging submissions and raise them for potential automation
2. Apply advanced concepts and practices to analyze data to assess contextual security risk
3. Lead complex vulnerability triage and identification efforts to evaluate risks to the company
4. Leverage tooling, systems, and processes from across the company to drive impactful security outcomes
5. Proactively communicate with internal and external teams, launching projects that affect the larger vulnerability program
6. Understand and support the security needs of internal and external stakeholders, regulators, and auditors
7. Collaborate with cross-functional teams to plan and execute project work and operations and drive improvements to policies, processes, and security tools
8. Lead in assessing and driving company-wide response to critical vulnerabilities
9. Fulfill on-call responsibilities or similar support roles for partner programs
**Minimum Qualifications:**
Minimum Qualifications:
10. 5+ years of experience in conducting vulnerability triage and incident investigation
11. Bachelor's degree in a related technical field or equivalent experience
12. Demonstrated experience of understanding of security systems and the capacity to apply security concepts effectively
13. Experience in leading operational and project work for security domains (e.g., malware reversing, authentication systems)
14. Experience with working with leadership and engineers
15. Track record of successfully delivering complex projects and leading vulnerability investigations
16. High-level understanding of defense-in-depth strategies and self-motivated to identify opportunities
17. Experience managing competing priorities and simultaneous projects
18. Experience with attacker tactics, techniques, and procedures
19. Experience making important decisions independently and multi-tasking under pressure
**Preferred Qualifications:**
Preferred Qualifications:
20. Demonstrated experience in explain technical problems clearly to peers and cross-functional teams, providing data-driven feedback and solutions.
21. Experience driving changes to processes that can scale across teams and regions and affect organizations outside Security.
22. Experience with automation and scripting languages (e.g., Python, Bash).
23. Practical experience in defense-in-depth strategies and their application.
24. Experience with database query languages.
25. Experience in managing large communication efforts and communicate team missions and goals.
26. Demonstrate sustained self-driven productivity and exercise independent judgment in problem-solving.
**Public Compensation:**
$137,000/year to $196,000/year + bonus + equity + benefits
**Industry:** Internet
**Equal Opportunity:**
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.
Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at
View Now

Information Security Analyst- Vulnerability Management

08830 Iselin, New Jersey Provident Bank

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

How would you like to join one of the most highly regarded financial institutions in New Jersey with deep roots in the community? Provident is a successful and highly regarded multi-billion-dollar bank that continues to grow with branches in New Jersey, Eastern Pennsylvania and New York. Our longevity is a testament to our commitment to placing our employees, customers, and the communities we serve at the center of all we do. At Provident Bank, we are committed to enhancing our customer and employees' experience.

POSITION OVERVIEW:

This position reports to the Chief Information Security Officer. The Information Security department is responsible for identifying and securing the Bank's information assets and providing customers, em-ployees, and other stakeholders trust their sensitive information and privacy is protected.

The Information Security Engineer is a management role for a seasoned information security professional with a focus on designing, implementing, and maintaining the technical infrastructure responsible for protecting the Bank's information assets. This position also is responsible for managing the Bank's se-curity operations center, including being the first responder to security incidents.

KEY RESPONSIBILITIES:

  • Develop and integrate cybersecurity designs for systems and networks in line with bank security standards for existing and new technical implementations.
  • Manage the delivery of the Bank's outsourced security operations center (SOC). The SOC is responsible for managing the Bank's firewalls, IPS, IDS, SIEM, and identify network security incidents.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
  • Operate as the primary stakeholder for Information Security for all new projects related to Information Technology, and Lending business line. Provide direction, monitor significant activities ensuring the project is delivered successfully.
  • Determine the protection needs (i.e. security controls) for Bank systems and 3rd party systems housing bank owned data.
  • Define and prioritize essential system capabilities or business function required after significant cyber event.
  • Provide advice on technical design concepts to senior risk and technology management (e.g. Chief Information Security Officer, Chief Risk Officer, Senior Technology Officer)
  • Provide input to the Risk Management frameworks relating to technical and security implementation risks.
MINIMUM QUALIFICATIONS
  • 3-5 years if experience in a technical Information Security role interacting with business lines.
  • Knowledge and skill of integration of hardware & software assets while maintain security controls.
  • Knowledge and skill of implementing secure computer networking concepts and methodologies.
  • Knowledge and skill of designing secure authentication and authorization processes.
  • Knowledge of Personally Identifiable Information (PII) data security standards.
  • Knowledge of confidentiality, integrity, and availability requirements.
  • Knowledge of Critical Security Controls, NIST Cybersecurity Framework, and FFIEC Information Security standards.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of organization's enterprise information security architecture.
  • Skill in translating operational requirements into protection needs (i.e., security controls).
  • Skill in applying and incorporating information technologies into proposed solutions.
EDUCATION
  • Bachelor's degree or equivalent work experience.
LICENSES AND/OR CERTIFICATIONS
  • At least one of: Security+, SSCP, CEH, GIAC, CISSP, CISA, CISM, or comparable certification highly desired.
WORKING CONDITIONS:

Work is performed in a normal office environment. Noise levels are usually moderate. This position involves travel to customers and property locations.
  • Prolonged sitting
  • Lifting from 5 to 10 lbs. (printer paper, storage boxes)
  • Occasional bending or overhead lifting (storing files or boxes)
  • The hazards are mainly those present in a normal office setting


This job description may not be all-inclusive. Employees are expected to perform other duties as assigned and directed by management. Job descriptions and duties may be modified when deemed appropriate by management.

Provident Bank recognizes and supports the importance of creating a socially and culturally diverse employee base. We understand, value, and appreciate the unique perspectives that a diverse workforce can contribute to our organization. We put the employee and the customer at the center of strategy because culture is a critical differentiator for why people choose to work here.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age 40 and over, color, disability, gender identity, genetic information, military or veteran status, national origin, race, religion, sex, sexual orientation or any other applicable status protected by state or local law.

Pay Details:

$73,600 - $06,100 annually

Please note, the base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, education, geographic location, internal equity, and other applicable business and organizational needs.

This role is incentive eligible based upon company, business, and/or individual goal achievement and performance.

Team members accrue paid time-off (PTO), receive Holiday (PTO) and are eligible to participate in the bank's Health and Wellness benefits including Medical, Dental and Vision Plans, Flexible and Health Savings Accounts, and a 401(k) Retirement Plan. In addition, the company provides Disability Insurance, an Employee Assistance Program, and Basic Life Insurance. Company sponsored Tuition Disbursement and Loan Repayment programs are also available. Voluntary benefits include Supplemental Life Insurance, Accident, Critical Illness, Hospital Indemnity and Legal plans.

About Provident Bank

For more than 180 years, Provident Bank has served individuals, families, and businesses in our local communities with personal and business banking services.

Volunteering is a Way of Life

Our brand promise - "Commitment you can count on" - supports the investments we make in the community and donations made by our employees. It's a promise also reflected in the volunteerism of our employees, who lend time and talent and countless hours to assist hundreds of organizations and thousands of people and animals each year.

Why do we love it?
  1. We get to volunteer in areas that are meaningful to the bank and impactful in the community.
  2. Through generous contributions, we have raised over 912,000 in 2022. No item or donation is too small; we find a home for it all.
View Now

Network Security Analyst, Sr - Vulnerability Management

48151 Livonia, Michigan Trinity Health

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

**Employment Type:**
Full time
**Shift:**
**Description:**
**POSITION PURPOSE**
The Vulnerability Management Analyst is responsible for identifying, assessing, and assisting in the remediation of security vulnerabilities across the organization's infrastructure, applications, and endpoints. This role requires collaboration with cross-functional teams to ensure vulnerabilities are addressed promptly and effectively while enhancing the organization's overall security posture.
**ESSENTIAL FUNCTIONS**
+ Conduct regular vulnerability scans and assessments using enterprise tools (e.g., CrowdStrike Falcon, Tenable, Qualys, Rapid7, etc.).
+ Analyze scan results to identify vulnerabilities, prioritize risk levels, and produce actionable reports.
+ Collaborate with IT, development, and business teams to validate, remediate, or mitigate identified vulnerabilities.
+ Monitor threat intelligence feeds and map emerging threats to the organization's attack surface.
+ Maintain and improve processes for vulnerability lifecycle management, including discovery, tracking, reporting, and closure.
+ Provide subject-matter expertise on vulnerability risks, impacts, and remediation strategies to stakeholders.
+ Oversee and guide the documentation of processes and creation of playbooks to ensure consistent and scalable vulnerability management practices.
+ Lead post-remediation validation to verify the effectiveness of implemented fixes.
+ Manage monthly security metrics reporting related to vulnerabilities and remediation efforts.
+ Design, write, and maintain scripts using Python and PowerShell to automate routine cybersecurity tasks such as log analysis, threat indicator enrichment, alert triaging, and system health checks.
+ Serve as a subject matter expert guiding cross-functional teams in aligning vulnerability assessments with business risk tolerance, regulatory requirements, and operational impact in accordance with compliance frameworks.
+ Develop and oversee the implementation of security controls and automation within CI/CD pipelines to enforce DevSecOps best practices across the vulnerability management lifecycle.
+ Oversee and mentor junior analysts' investigative work to ensure accuracy, thoroughness, and alignment with established processes.
**MINIMUM QUALIFICATIONS**
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience.
+ Five (5) to seven (7) years of experience in vulnerability management, cybersecurity, or related roles.
+ Industry certifications such as CompTIA Security+, GIAC (GSEC, GCIA, etc.), CISSP, or similar.
+ Experience with compliance frameworks (e.g., HIPAA, PCI-DSS, NIST, etc.).
+ Familiarity with asset management and discovery solutions.
+ Exposure to DevSecOps practices and integration into CI/CD pipelines.
+ Subject Matter Expert with CVSS scoring and risk prioritization frameworks
+ Knowledge of scripting languages (e.g., Python, PowerShell) for automation purposes.
+ Strong understanding of vulnerability assessment tools and methodologies.
+ Familiarity with CVSS scoring and risk prioritization frameworks.
+ Strong analytical skills with the ability to interpret vulnerability data and communicate risk effectively.
+ Experience with patch management processes and tools.
+ Must possess a personal presence that is characterized by a sense of honesty, integrity, and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals, and values of Trinity Health.
**PHYSICAL AND MENTAL REQUIREMENTS AND WORKING CONDITIONS**
+ This position operates in a typical office environment. The area is well lit, temperature-controlled and free from hazards.
+ Incumbent communicates frequently, in person and over the telephone, with people in a number of different locations on technical issues.
+ Manual dexterity is needed in order to operate a keyboard. Hearing is needed for extensive telephone and in person communications.
+ The environment in which the incumbent will work requires the ability to concentrate, meet deadlines, work on several projects at the same period and adapt to interruptions.
+ The incumbent must be capable of traveling in the course of completing project assignments.
+ Must be available for on-call rotations to support 24x7x365 service availability.
+ This role is remote however the team is expected to travel for training at minimum annually. Must be able to travel to the various Trinity Health sites (up to 10%) as needed (may or may not apply).
_The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be constructed as an exhaustive list of duties so assigned._
**Our Commitment**
Rooted in our Mission and Core Values, we honor the dignity of every person and recognize the unique perspectives, experiences, and talents each colleague brings. By finding common ground and embracing our differences, we grow stronger together and deliver more compassionate, person-centered care. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other status protected by federal, state, or local law.
Our Commitment to Diversity and Inclusion
Trinity Health is a family of 115,000 colleagues and nearly 26,000 physicians and clinicians across 25 states. Because we serve diverse populations, our colleagues are trained to recognize the cultural beliefs, values, traditions, language preferences, and health practices of the communities that we serve and to apply that knowledge to produce positive health outcomes. We also recognize that each of us has a different way of thinking and perceiving our world and that these differences often lead to innovative solutions.
Our dedication to diversity includes a unified workforce (through training and education, recruitment, retention, and development), commitment and accountability, communication, community partnerships, and supplier diversity.
EOE including disability/veteran
View Now
Be The First To Know

About the latest Vulnerability management Jobs in United States !

Director, Vulnerability Management

94199 San Francisco, California Cloudflare Inc

Posted 3 days ago

Job Viewed

Tap Again To Close

Job Description

About Us

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world's largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine's Top Company Cultures list and ranked among the World's Most Innovative Companies by Fast Company.

We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us!

Available Locations: London, England | Lisbon, Portugal | Austin, Texas

About the role

We are seeking an experienced Director of Vulnerability Management to lead and mature our security program in this critical area. This role is responsible for defining, implementing, and overseeing the comprehensive strategy for identifying, assessing, prioritizing, and remediating vulnerabilities across our entire technology stack, including applications throughout the software development lifecycle.

What You'll Do

  • Develop and lead teams of skilled professionals in the areas of vulnerability management and application security.
  • Enhance and execute comprehensive strategies for vulnerability management and application security that align with the company's risk appetite and business objectives.
  • Define and track key performance indicators (KPIs) and metrics to measure the effectiveness of security programs and report on progress to executive leadership.
  • Stay abreast of emerging threats, vulnerabilities, and security technologies to continuously evolve and improve security posture.
  • Advocate for and secure resources (budget, personnel, tools) necessary to achieve program objectives.
  • Recruit, mentor, and develop a high-performing team of security engineers and analysts.
  • Foster a culture of continuous learning, collaboration, and accountability within the security team.
  • Provide strong technical leadership and guidance to direct reports and cross-functional teams.
  • Contribute to the development and enforcement of security policies, standards, and procedures.
  • Support internal and external audits by providing evidence of security controls and processes.
  • Ensure compliance with internal policies, relevant industry regulations and frameworks.
  • Partner closely with engineering, product, IT, and legal teams to embed security best practices throughout the organization.
  • Communicate complex security concepts and risks effectively to both technical and non-technical stakeholders.
  • Mature the existing vulnerability management program covering infrastructure, networks, containers, cloud environments, and endpoints.
  • Oversee the selection, implementation, and optimization of vulnerability scanning tools (e.g. DAST, SAST, SCA, secrets detections, and web application and infrastructure vulnerability scanners) and platforms, and integration into CI/CD pipelines and infrastructure.
  • Ensure security technology strategies are aligned with companies' business goals.
  • Enforce policies and procedures for vulnerability identification, assessment, prioritization, remediation, and tracking.
  • Collaborate with IT operations, engineering, and development teams to ensure timely and effective remediation of identified vulnerabilities.
  • Develop security policies, procedures, and guidelines and recommend necessary changes to a given project team to ensure the company's systems are fully compliant with all applicable regulatory requirements and privacy laws.
  • Utilize open communication and managerial courage to ensure the standards, expectations and goals of the organization are respected and upheld.
  • Manage the bug bounty program and external application penetration testing engagements.
  • Ensure the application security program is integrated into every phase of the software development lifecycle.
  • Define and implement secure coding standards, guidelines, and best practices.
  • Collaborate closely with development teams to provide security guidance, perform threat modeling, and conduct security reviews of application architecture and codebases.
  • Manage and prioritize vulnerability and security findings from various sources (scans, penetration tests, bug bounties, etc.).
  • Leverage wide-ranging experiences, professional concepts, and company objectives to resolve complex issues in creative and effective ways.
  • Exercise judgment in selecting methods, techniques and evaluation criteria for obtaining results.

Examples of desirable skills, knowledge and experience.

  • Extensive experience in information security, with multiple years in a leadership role focused on vulnerability management and/or application security.
  • Proven experience building, scaling, and leading successful vulnerability management and application security programs from the ground up or significantly maturing existing ones.
  • Deep expertise in modern application security principles, secure SDLC, DevSecOps, and secure coding practices.
  • Strong understanding of common web application vulnerabilities (OWASP Top 10) and remediation techniques.
  • Hands-on experience with various security tools, including:
  • Vulnerability scanners
  • SAST (static application security testing)
  • DAST (dynamic application security testing)
  • SCA (software composition analysis)
  • Secrets detection tools
  • Web application security testing
  • Static and runtime container scanning
  • Experience with cloud security (AWS, Azure, GCP) and securing cloud-native applications.
  • Familiarity with container security and orchestration technologies (e.g., Docker, Kubernetes).
  • Excellent leadership, communication (written and verbal), and interpersonal skills.
  • Ability to influence and drive change at all levels of the organization.
  • Relevant industry certifications (e.g., CISSP, CISM, CSSLP, CEH) are highly desirable.
  • Experience with threat modeling methodologies (e.g., STRIDE, DREAD).
  • Experience producing and reviewing Technical Documentation.

What Makes Cloudflare Special?

We're not just a highly ambitious, large-scale technology company. We're a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo : Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare's enterprise customers--at no cost.

Athenian Project : In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project, we've provided services to more than 425 local government election websites in 33 states.

1.1.1.1 : We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here's the deal - we don't store client IP addresses never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you'd like to be a part of? We'd love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at or via mail at 101 Townsend St. San Francisco, CA 94107.

View Now

Vulnerability Management Specialist

10261 New York, New York Open Systems Technologies

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

A financial firm is looking for a Vulnerability Management Specialist in Iselin, NJ or NYC. 

Compensation: $105-110k

Responsibilities:

  • As part of the IT Security team, develop and implement firm IT Strategy in consultation with the IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall firm Strategy
  • Research new security related products and services to ensure that firm is equipped with appropriate industry best tools and solutions
  • Operate controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations.
  • Conduct IT Security risk assessments for all high impact projects, defining security mitigating controls that impact the technology architectures of firm, service providers, and business partners
  • Review and update IT Security procedures to reflect best practice and mitigate current and emerging threats
  • Assigned ownership of IT Security Monitoring and Response related FRB and Internal Audit finding(s) and effective /timely resolution with IT Security
  • Maintain relationships with third-party IT security vendors and strategic partners

Vulnerability Identification:

  • Scanning Systems: Use automated tools to perform regular scans on all systems including Networks, Application and endpoints.
  • Threat Client: Stay updated with the latest vulnerability databases (e.g CVE – Common Vulnerability and Exposure) and emerging threats to identify new vulnerabilities that could affect the organization.

Vulnerability Identification:

  • Risk Rating: Assign severity ratings to vulnerabilities (e.g. Critical, High, Medium, low) using risk assessment frameworks like CVSS (Common Vulnerability Scoring System)
  • Business Impact: Access the potential impact of each vulnerability on the business including the like hood of exploitation, potential data loss and possible operational disruptions.

Vulnerability Remediation:

  • Patch Management: Work with IT and development teams to ensure that patches or updates are applied to systems and applications to fix vulnerabilities.
  • Configuration Changes: Where applicable, make configuration changes to systems or applications to reduce exposure to Vulnerabilities

Qualifications:

  1. Virtualized and Cloud platforms experience such as Amazon Web Services, Microsoft Azure or Office 365
  2. S. in a technology discipline (Computer Science, Computer Engineering, Cybersecurity or equivalent);
  3. Conduct regular vulnerability scans and assessments across the organization's IT environment using tools like Nessus, Qualys, or Rapid7. These platforms are essential for identifying and prioritizing security weaknesses, providing detailed insights that enable proactive risk reduction.
  4. Analyze vulnerabilities and threats, determine their potential impact, and recommend strategies for risk prevention.
  5. Coordinate with IT and security teams to prioritize and apply security patches and updates, including managing patch deployments using WSUS, SCCM, or Ansible which are critical for automating and streamlining the update process across large networks, reducing the risk of security breaches, and ensuring compliance with industry standards.
  6. Assist in investigating and resolving security incidents, providing expertise on vulnerability exploitation and mitigation.
  7. Generate detailed reports on vulnerabilities, their impact, and the status of remediation efforts. Communicate findings to stakeholders.
  8. Ensure compliance with relevant security standards, policies, and regulations.
  9. Develop and maintain vulnerability management documentation, including policies, procedures, and playbooks, including creating response plans for critical vulnerabilities or emerging threats.
  10. Engage in vulnerability management program reviews and continuous improvement initiatives, providing input on enhancements to scanning and reporting processes.
  • Virtualized and Cloud platforms experience such as Amazon Web Services, Microsoft Azure or Office 365
  • S. in a technology discipline (Computer Science, Computer Engineering, Cybersecurity or equivalent);
  • Security certifications such as CISSP and at least one GIAC GSEC, GCED, GCIA, GCIH, GREM, GCFR or equivalent is preferred
  • Knowledge of incident handling life cycle based on an established framework: ISO 27035, SANS, NIST SP 800-61, CERT, ENISA
  • Experience with security and automation: Python, Powershell, Windows OS, Linux OS, VMware, Puppet, Chef / Ansible desirable
View Now

Vulnerability Management Specialist

10261 New York, New York CyberTec

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

Job Title : Vulnerability Management Specialist- Onsite
Location: 2 Metro Tech Center, Brooklyn NY
Job Type : Onsite
Duration : 12+ months
Opening : 1 Opening !

The resource function is essential to OTI Cyber Command's ability to defend City systems from cyber threat including direct support of public safety, revenue generating, and other systems supporting City operations. The threat landscape continues to significantly expand the City's attack surface and the resource is key to managing various agency-facing projects within the City's vulnerability management program that enhances the City's cybersecurity posture. The resource will contribute to OTI Cyber Command's ability to issue timely vulnerability notifications and prioritized system patching info. Without timely vulnerability notification, the City cannot effectively adjust its defensive controls resulting in increased likelihood of cyber events that may require costly remediation efforts.

RESPONSIBILITIES

  • Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations for various technologies
  • Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
  • Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
  • Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
  • Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and implement remediation
  • Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
  • Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
  • The ability to automate detection, reporting and tracking of vulnerabilities identified
  • Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, Excel and PowerPoint
  • Travel within NYC for various projects when necessary
MANDATORY SKILLS/EXPERIENCE
Note: Candidates who do not have the mandatory skills will not be considered
  • At least 4 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management scan result analysis, Excel
  • Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
  • Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
  • Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
  • Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
  • Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
  • Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables

DESIRABLE SKILLS
  • Experience with Cybersecurity standards and best practices and how to integrate them
  • Provide oral and written reports on vulnerability risk to the team and possibly agencies' technical stakeholders
  • Ability to evaluate the current threat landscape that includes tactics, techniques and procedures
  • Work with agencies to evangelize the OTI Cyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, scan results, credentialed scans, triage scan performance issues, socialize risk and remediation, and other vulnerability management issues
  • Experience using Tableau for reporting and analysis purposes
  • Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
  • Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
  • Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
  • Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
  • Ability to analyze Cybersecurity documentation, including security policies, plans, and procedures.
  • Extensive experience with Windows and Linux Servers
  • Exceptional written and oral communication skills
  • Exceptional organizational and analytical skills
  • Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
View Now
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Vulnerability Management Jobs