Staff IT Analyst II Cyber - Senior Vulnerability Management Analyst
Staff IT Analyst II Cyber - Senior Vulnerability Management Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Title:
Staff IT Analyst II Cyber - Senior Vulnerability Management AnalystLocation:
Block 23What youll do:
The Business Information Security Office (BISO) part of Western Alliance Banks (WAB) enterprise security organization serves as the frontline connection between the security programs and technology teams responsible for managing security risks and vulnerabilities. The Vulnerability Management (VM) program within the BISO organization establishes standards direction and priorities for vulnerability management processes and works with security peers IT program owners infrastructure teams and application teams to identify assess prioritize and track the resolution of vulnerabilities in WABs cloud and on-premises environments.The Staff IT Analyst II Cyber is a cross functional role within the VM program that is responsible for driving strategy ensuring the adoption of requirements and collaborating with peers who manage vulnerability scans threat intelligence platforms exceptions processes and risk reporting. This position is tasked with supporting WABs IT organization and business units by analyzing scan results conducting risk assessments monitoring remediation progress automating manual tasks and ensuring information is well communicated and actionable to enable timely remediation.
- Assist with defining and implementing strategy processes procedures and controls for vulnerability management threat exposure management and compliance scanning.
- Review and validate vulnerability scan results from various platforms (e.g. Wiz Rapid7) for accuracy and relevance and support investigations into false positive detections.
- Support the implementation management and maintenance of vulnerability management and external attack surface platforms or tools including identifying and resolving technical or functional issues and ensuring reliable platform operations.
- Lead the planning and implementation of security measures to protect cybersecurity practices processes and IT systems.
- Design monitoring and evaluation of security safeguards by analyzing these items to identify potential security threats.
- Develop strategies to protect security practices processes or IT systems from cyber-attacks.
- Maintain security systems or capabilities by installing configuring and/or maintaining software and assisting in monitoring the company network/system for breaches or vulnerabilities.
- Design scripts and deploy automated solutions to streamline manual processes involved in information collection and consolidation.
- Track open vulnerabilities from identification through resolution coordinating with IT program and asset owners or escalating issues as needed.
- Provide support for developing customized compliance policy scanning rulesets based on CIS benchmarks.
- Work with security IT teams and other stakeholders to assess the impact of vulnerabilities in WABs environment and establish appropriate mitigating controls.
- Recommend and apply measures to address and resolve vulnerabilities or security exposures.
- Prepare and deliver vulnerability reports and dashboards for technical teams leadership and business stakeholders.
- Identify recurring vulnerabilities and trends to assist in long-term risk reduction strategies.
- Lead the planning and implementation of security measures to protect cybersecurity practices process and IT systems.
- Support vulnerability management and information security by increasing awareness and use of security services.
- Design and improve KRIs KPIs and operational metrics for different audiences and organizational needs.
- Stay informed about new vulnerabilities cyber threats and attack vectors.
- Participate in audits and examinations as a subject matter expert when required.
- Propose and spearhead process improvements to enhance the VRM program.
What youll need:
- 5 years of related experience in vulnerability management threat management security operations or a related cybersecurity discipline.
- Bachelors degree in computer science IT or related field required.
- Proficiency with vulnerability management tools (e.g. Rapid 7 Insight VM Qualys Wiz) and patch/configuration management hardening guidelines and approaches.
- Experience with ServiceNow Vulnerability Response CIS WorkBench PowerBI and Power Automate for tracking reporting and process automation.
- Solid understanding of operating systems (Windows Linux) networking concepts and cloud platforms (AWS Azure GCP).
- An intermediate knowledge of general Financial Services or Banking is preferred.
- Intermediate knowledge of applicable regulatory and legal compliance obligations rules and regulations industry standards and practices.
- Experience applying risk-based prioritization in a hybrid technology environment.
- Intermediate to advanced knowledge of cybersecurity policies and procedures Privacy principles and practices and vulnerability assessment tools and techniques.
- Intermediate to advanced knowledge of the risk and controls associated with Cybersecurity Program domains including Data Protection Threat/Vulnerability Management BCP/DR security governance & assessment security training & awareness network security cloud security emerging technology controls (e.g. AI blockchain) third-party suppliers security operations etc.
- Intermediate speaking and writing communication skills.
- Strong analytical skills and the ability to communicate technical findings to non-technical audiences.
- CompTIA Security CompTIA A GIAC Information Security Fundamentals (GISF) Certified Information Systems Auditor (CISA) Certified in Risk of IT System Controls (CRISC) Certified in Cloud Security Knowledge (CCSK) or GIAC Security Essentials (GSEC) preferred.
Benefits youll love:
We offer all the important things youd want like competitive salaries an ownership stake in the company medical and dental insurance time off a great 401k matching program tuition assistance program an employee volunteer program and a wellness addition youll have the opportunity to bolster your business knowledge learning the ins and outs of how successful companies operate and manage their finances giving you invaluable hands-on experience to help grow your career!
About the company:
Western Alliance Bank is a wholly owned subsidiary of Western Alliance Bancorporation. Alliance Bank of Arizona Alliance Association Bank Bank of Nevada Bridge Bank First Independent Bank and Torrey Pines Bank are divisions of Western Alliance Bank; Member FDIC. AmeriHome Mortgage is a Western Alliance Bank company.
Western Alliance Bancorporation is committed to equal employment and will consider all qualified applicants without regard to race sex color religion age nation origin marital status disability protected veteran status sexual orientation gender identity or genetic information. Western Alliance Bancorporation is committed to working with and providing reasonable accommodations for individuals with disabilities. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process and/or need an alternative method of applying please email or call . When contacting us please provide your contact information and state the nature of your accessibility issue. We will only respond to inquiries concerning requests that involve a reasonable accommodation in the application process.
Western Alliance Bancorporation
Required Experience:
Staff IC
Employment Type
Full-Time
