Connexus Credit UnionRemote
Vulnerability Management Analyst
Florida, United States of America
Full Time
2 hours ago
No H1B
Key skills
CloudPrisma
About this role
Role Overview
- Conduct regular vulnerability scanning of networks, servers, endpoints, cloud environments, and applications using approved tools.
- Analyze scan results to identify false positives, determine exploitability, and assess business and regulatory risk.
- Prioritize vulnerabilities based on CVSS scores, threat intelligence, asset criticality, and financial institution risk impact.
- Track vulnerabilities through remediation, validation, and closure using ticketing or governance platforms.
- Perform re-scans to validate remediation effectiveness.
- Partner with IT infrastructure, application development, cloud, and network teams to remediate identified risks.
- Monitor emerging threats, zero-day vulnerabilities, and industry advisories relevant to financial services.
- Support and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches.
- Run the daily vulnerability management program operations, work closely with the patch management analyst in identifying and patching vulnerabilities, and actively participate in weekly vulnerability management team meetings.
Requirements
- Bachelor's degree or commensurate experience is Required.
- 3+ years professional work experience in vulnerability management, security operations, or IT risk within a regulated environment is Required.
- Hands-on experience with vulnerability scanning tools, such as: Tenable (Nessus, Tenable.io), Qualys, Rapid7 or similar platforms is Required.
- Prior financial industry regulations and frameworks (FFIEC, NCUA, GLBA, NIST) is Required.
- Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) and risk prioritization frameworks is Required.
- Global Information Assurance Certification (GIAC), GIAC Security Essentials Certification (GSEC) or Enterprise Vulnerability Assessor Certification (GEVA) is Required.
Tech Stack
- Cloud
Benefits
- 25 days of paid time off and 10 paid holidays
- 16 hours of paid Volunteer Time Off
- 401K Retirement with up to 6% employer match
- Excellent Health, Dental, Vision insurance, including multiple plan options
- Health Savings Account with generous employer contributions
- Employer paid Life insurance, Short-Term and Long-Term Disability
- Tuition Reimbursement from $4,000
- $7,000 per calendar year
- Robust Learning and Development program that includes an annual professional development stipend