Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Bank Of America Cyber Security Vulnerability Management Innovation SME 
United States, North Carolina, Charlotte 
410975938

Today

Share

Log in to apply

Job Description:

Job Description:

The Vulnerability Management Innovation team is responsible for modernizing the end-to-end vulnerability management program within Global Information Security. This role will evaluate the program from the identification of findings through remediation governance to identify process inefficiencies and coverage gaps. As a key leader, you will drive cross-functional design sessions to deliver comprehensive solutions to complex problems, lead major projects, and influence the strategic direction of the organization.

Required Qualifications:

  • 7+ years’ experience in cyber security

  • 3+ years’ experience in vulnerability management

  • Ability to work independently on initiatives with little oversight

  • Ability to proactively anticipate problems and execute solutions at a strategic level

  • Excellent analytical skills/problem solving/conceptual thinking

  • Understanding of risk assessment methodologies

  • Knowledge of vulnerability attack methods, exploit results, attack chains

  • Knowledge of industry standard scoring models such as CVSS, CCSS

  • Knowledge of industry standard data models such as CPE and data normalization tools

  • Must be able to critically examine an organization and application through the perspective of a threat actor and articulate risk in clear, precise terms to technical and non-technical audience.

Desired Qualifications

  • Leveraging NIST SP-800 (specifically 800-30) for prioritizing risk

  • Operationalizing MITRE Attack & TTPs in vulnerability prioritization

  • Experience conducting vulnerability assessments, code reviews and penetration tests against system and application technologies, services, platforms, and languages to find flaws and exploits (e.g., SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass)

  • Strong familiarity with OWASP Top 10 vulnerabilities, SANS 25, MITRE, and CWEs

  • Experience in conducting vulnerability assessments or scans.

  • Experience in performing data analytics to communicate impact analysis of process change

  • This job will be open and accepting applications for a minimum of seven days from the date it was posted.
1st shift (United States of America)

These jobs might be a good fit

Professional CV Builder tool from Expoint.

Get to the top of the "yes list" with a standout CV!

CREATE CV