InfoSec Manager - Vulnerability Management Operations

Overview

This position allocates technical resources and associates within the Enterprise Cyber Security Organization (ECSO) department of the Bank. Manages a team to ensure effective delivery of service and operational results within Vulnerability Management (VM) program. Leads and oversees the daily Vulnerability Management Assessments Operations team reporting to the Director of Vulnerability Management Assessments.

Responsibilities

• Lead and manage a team responsible for operational duties; including VM ticket queue/triage for reassignments, decommissions, ad hoc scans, basic reporting, escalating issues to VM Engineering, and addressing tier 1 questions related to vulnerability remediation.
• Oversee the documentation maintenance process, ensuring accurate and up-to-date operational procedures.
• Conduct platform monitoring to proactively identify any system issues that may cause the inability to identify, assign, and report vulnerabilities (e.g., Vulnerability detection issues, Agent deployment and health, Network scan and authentication health)
• Maintain and support the overall health of the vulnerability management platform, implementing necessary updates and optimizations (e.g., Platform Capacity/Availability/Performance)
• Review and analyze vulnerability to identify trends that may affect the bank's environment.
• Collaborate with cross-functional teams to integrate vulnerability management processes into the broader security framework.
• Stay abreast of industry trends, emerging threats, and new technologies to continually improve vulnerability management strategies.
• Provide leadership and mentorship to team members, fostering a collaborative and growth-oriented work environment.
• Coordinate with stakeholders to develop and implement vulnerability management policies, procedures, and best practices.

Qualifications

• Bachelor's Degree and 6 years of experience in Applications development, applications analysis or systems engineering OR High School Diploma or GED and 10 years of experience in Applications development, applications analysis or systems engineering
• Proven experience in vulnerability management, with a focus on operational duties and team leadership.
• In-depth knowledge of vulnerability assessment tools, methodologies, and industry best practices.
• Strong analytical and problem-solving skills, with the ability to prioritize tasks effectively.
• Excellent communication skills to interact with team members, stakeholders, and external partners.
• Demonstrated ability to create and maintain comprehensive documentation.
• Familiarity with vulnerability assessment tools and maintenance processes.
• Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) are a plus.