Apply on Employer Site

Citizens · 2 weeks ago

Manager Vulnerability Management

Iselin, NJ

Full-time

Hybrid

Senior Level, Lead/Staff

$175K/yr - $205K/yr

8+ years exp

Citizens is a financial services company seeking a highly motivated individual for the role of Manager of Vulnerability Management. This position involves performing vulnerability and compliance scanning and analysis to assess the enterprise vulnerability posture and reduce the attack surface, while collaborating with various teams to track and remediate vulnerabilities.

BankingCredit CardsFinancial ServicesFinTechRetail

H1B Sponsor Likely

Responsibilities

Actively looking for ways to improve the processes around the program to provide a best of breed, world class service

Communicating security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators

Maintaining a deep understanding of current threat, vulnerabilities, attacks, countermeasures and how to respond effectively to them while providing training to the rest of the team on these items

Developing meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk

Improving the capabilities and maturity of the Citizens Vulnerability Management Program by identifying appropriate technologies, policies, communication channels, organizational structures and relationships with third parties

Qualification

QualysGuard Vulnerability ScannerVulnerability ManagementSecurity CertificationsPenetration Testing ToolsCloud SecurityOperating Systems ExpertiseAutomation ScriptingNetworking FundamentalsSoft Skills

Required

8+ years of progressive security industry experience, including 2+ years in a leadership or management role

5 years of progressive security industry experience

1-2 years of experience with QualysGuard Vulnerability Scanner including its API, Vulnerability Management (VM), Policy Compliance (PC), CloudView, AssetView, Cloud Agent, and other modules highly preferred

1-2 years of experience with other vulnerability management solutions such as Tenable, Rapid7, and others is acceptable with the understanding that you will be expected to be a domain expert with this Qualys in 3-6 months

Recall level of understanding of CVSS, CVE, CWE, CPE, CCE, CWE, OVAL, SCAP and other standards

Experience developing applications, automation scripts, or other solutions in at least one modern language (Python, Powershell, Java, C/C++, Go, etc)

Expert understanding of various operating systems (Window, UNIX, Linux, AIX, etc.) with an emphasis on vulnerability assessment and hardening. Subject matter expertise in at least one of the operating systems is required

Practical knowledge of security hardening, configuration management, change control/problem management, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)

Practical knowledge of Cloud (AWS, Azure, etc.) and how to secure them

Associate level knowledge of networking fundamentals

Experience fostering and maintaining relationships with key stakeholders and business partners

Self-motivation with the ability to work under minimal supervision is a must

Ability to demonstrate manual testing experience including all of OWASP Top 10

Demonstrated experience with common penetration testing and vulnerability assessment tools such as nmap, Wireshark, Nessus, NeXpose, Kali, Metasploit, AppScan, WebInspect, Burp Suite Professional, Acunetix, Arachni, w3af, NTOSpider, ZAP Proxy, IronWASP is a plus

Preferred

One or more relevant security certifications (GEVA, GCIH, GCIA, OSCP, GPEN, GXPN, GWAPT, GWEB, GCIA, GSNA, LPT, Security +, CISSP, CISM, CISA)

Bachelor's Degree or equivalent combination of experience

Benefits

Comprehensive medical, dental and vision coverage

Retirement benefits

Maternity/paternity leave

Flexible work arrangements

Education reimbursement

Wellness programs

Paid time off policy exceeds the mandatory, paid sick or paid time-away policy of very local and state jurisdiction in the United States

Company

Citizens

Glassdoor3.6

At Citizens, we recognize that the journey to accomplishment is no longer linear and that individuals are made of all they have done and all they are going to do.

Founded in 1828

Providence, Rhode Island, USA

10001+ employees

https://www.citizensbank.com/

H1B Sponsorship

Citizens has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2020 (1)