Vulnerability Management Analyst
At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world’s financial system we touch nearly 20% of the world’s investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.
We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.
We’re seeking a future team member for the role of Vulnerability Management Analyst to join our Information Security Division – Cyber Operations Vulnerability Management team. This role is located in Pittsburgh, PA or Lake Mary (Northern Orlando), FL – Hybrid. Candidate must reside within a commutable distance to the office.
In this role, you’ll make an impact in the following ways:
- Perform information system security vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components.
- Conduct risk-based assessment on security vulnerabilities and determine impact to various IT infrastructures.
- Prioritize risks and drive remediation by outlining and providing advice and solutions to technology owners on effective security controls and counter measures.
- Prioritize remediation activities based upon the results of the Enterprise-wide scanning program, Intel Threat advisories, or internal/external audits.
- Engage with stakeholders, to include IT professionals, management, and auditors, to facilitate vulnerability discovery and remediation.
- Validate remedial actions and ensure compliance with information security policy and regulatory requirements.
- Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation.
- Conduct adhoc vulnerability scans if needed and coordinates remediation with appropriate support teams.
To be successful in this role, we’re seeking the following:
- Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
- 4+ years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
- Possess strong knowledge of various technologies and security topics including operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
- Knowledge of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP) strongly desired.
- Practical experience with identifying, analyzing, and communicating cyber threat and vulnerability information.
- Hold key Cybersecurity Certifications, Security+, CISSP, CEH, SANS etc
- Experience working with cloud technology (Azure, GCP, AWS.)
- Strong working knowledge of vulnerability management toolsets (Qualys, Wiz.io, Xray Jfrog etc.)
- Strong working knowledge of operational baselines hardening
- Familiar with International Standards, NIST Special Publications and Cyber Security Frameworks
- Experience with assessing vulnerability management programs
- Familiar with patching processes and related technologies (e.g. BladeLogic, SCCM)
- Familiar with enterprise risk management and how cyber threats and vulnerabilities integrate into ERM efforts
- Exemplary verbal and written communication skills (English business fluent spoken and written)
- Ability to work under pressure and deal with ambiguous situations
- Ability to read and write scripts in various languages. (php, python, ksh, powershell, SQL, and similar) Experience and proficiency in a various toolsets and best practices.
At BNY, our culture speaks for itself. Here’s a few of our awards:
- America’s Most Innovative Companies, Fortune, 2024
- World’s Most Admired Companies, Fortune 2024
- Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024
- Best Places to Work for Disability Inclusion, Disability: IN – 100% score, 2023-2024
- “Most Just Companies”, Just Capital and CNBC, 2024
- Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
- Bloomberg’s Gender Equality Index (GEI), 2023
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.