Fifth Third BankRemote
Lead Information Security Engineer – Vulnerability Management
United States
Full Time
2 hours ago
$82,100 - $172,500 USD
Visa Sponsor
Key skills
AWSCloudAgileLeadershipCommunicationRemote Work
About this role
Role Overview
- Serve as the primary escalation point and subject matter expert for the most complex and high‑risk remediation issues across infrastructure, cloud, containers, applications, and code.
- Provide advanced technical guidance on remediation paths, exploitability assessment, scanning output interpretation, and multi‑layered False Positive evaluations.
- Independently own intake, investigation, escalation, and mitigation reviews for high-impact items such as critical vulnerabilities, emerging threats, and executive escalations.
- Drive and own sophisticated remediation planning that includes dependency mapping, coordinated timelines, and long-term fixes.
- Perform analytical reviews of large datasets to identify meaningful trends and shape targeted remediation campaigns for the highest areas of risk.
- Conduct proactive follow-up on stalled plans and escalate appropriately when remediation does not progress.
- Deliver expert-level communication to technical and non-technical stakeholders to ensure clarity of risk, urgency, and remediation requirements.
- Oversee False Positive determinations, Exception requests, and Risk Acceptance submissions to ensure accuracy, thoroughness, and adherence to governance standards.
- Partner with teams across Information Security and application teams across the Bank to ensure complex issues are addressed correctly and efficiently.
- Report and track vulnerability metrics, KPIs, and KRIs with proactive escalations to maintain risk within acceptable appetite.
- Create impactful presentations to deliver key metrics and data to senior leadership.
- Work within Agile framework to deliver incremental value.
Requirements
- At least 6 years of related and recent hands-on experience in Vulnerability Management, IS Engineering or similar Information Security domains.
- Strong attention to detail, and advanced understanding of security architecture, networking, operating systems, identity, and cloud services.
- Demonstrated experience in risk articulation, and remediation strategies across common technology stacks.
- Experience with threat intelligence inputs and applying exploitability context to remediation prioritization.
- Demonstrated experience triaging and prioritizing complex findings from scanning tools and translating technical findings into actionable remediation guidance.
- Strong written and verbal communication skills, including the ability to communicate effectively with senior leaders and with deeply technical teams.
- Proven analytical and problem-solving skills, including the ability to interpret large datasets and identify meaningful trends.
- Experience collaborating across multiple teams and influencing outcomes without direct authority.
- Bachelor’s degree in computer science/information systems or equivalent combination of education and experience.
- Certifications such as Security+, CISSP, CISM, GIAC, or cloud certifications (AWS preferred).
Tech Stack
- AWS
- Cloud
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Remote work options