Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Bank Of America Senior Vulnerability Platform Development Manager 
United States, Illinois, Chicago 
880536128

17.12.2024

Job Description:

Job Description:
This job is responsible for building and leading a team to deliver technology products and services that meet business outcomes. Key responsibilities include developing a technology strategy, ensuring technology solutions comply with applicable standards, promoting design, engineering, and organizational practices, and advocating and advancing modern, Agile solution delivery practices. Job expectations may include coaching, mentoring, providing feedback and hands on career development, identifying emerging talent, fostering leadership skills, and managing stakeholders.

We are looking for an experienced and dedicatedto lead our continuous monitoring and vulnerability management initiatives. The successful candidate will oversee the discovery, assessment, prioritization, and remediation of vulnerabilities across our IT infrastructure. This role requires a deep understanding of tools that support vulnerability management (ServiceNow, ect…) , and security best practices to protect our organization’s assets and ensure compliance with industry standards.


Leadership and Team Management

  • Lead, mentor, and manage a team of Continuous Monitoring developers focused on security operations, vulnerability discovery, and remediation.
  • Collaborate with security, IT, and business stakeholders to align vulnerability management efforts with organizational goals and priorities.
  • Drive the development and enhancement of Continuous Monitoring modules and integrations related to continuous monitoring and vulnerability management.

Cross Team Leadership

  • Works across business and technology at the -executive level to provide vulnerability management solutions that minimize the attack surface and protect the company from cyber-threats.
  • Manages relationships with business, technology executives, sponsors, and vendors to identify and address vulnerabilities and respond to cyber security attacks.
  • Helps to resolve organizational impediments by sponsoring opportunities that improve processes, while identifying new opportunities to enhance efficiency and gain a competitive advantage.
  • Conducts portfolio level resourcing and financial management activities.

Vulnerability Discovery and Asset Prioritization

  • Oversee the integration of vulnerability discovery tools (e.g., Qualys, Aqua, SkyBox) with Continuous Monitoring tool (ServiceNow, ect…) to automate the detection of vulnerabilities across systems, applications, and networks.
  • Establish and maintain a process for asset prioritization, ensuring that the most critical assets are identified and monitored continuously.
  • Develop and implement workflows in Continuous Monitoring to categorize and prioritize discovered vulnerabilities based on asset criticality, risk, and impact.

Vulnerability Assessment and Prioritization

  • Manage the assessment of vulnerabilities, ensuring that they are accurately classified and prioritized for remediation based on severity and potential impact.
  • Develop and maintain dashboards and reports within Continuous Monitoring to provide real-time visibility into the organization’s vulnerability landscape.
  • Implement risk-based prioritization frameworks to guide remediation efforts, focusing on vulnerabilities that pose the greatest risk to the organization

Vulnerability Remediation and Reporting

  • Coordinate with IT and security teams to ensure timely remediation of vulnerabilities, using workflows to track progress and resolution.
  • Ensure that remediation actions are documented and comply with internal policies and regulatory requirements.
  • Generate comprehensive reports for stakeholders, detailing vulnerability status, remediation progress, and risk reduction efforts.

Continuous Monitoring and Process Improvement

  • Implement continuous monitoring processes within Continuous Monitoring to detect and respond to emerging vulnerabilities in real time.
  • Identify opportunities for improving vulnerability management processes, including automation, reporting, and integration with other security tools.
  • Stay informed on the latest vulnerabilities, threats, and industry trends to proactively adapt the organization’s security posture.

Compliance and Risk Management

  • Ensure that all vulnerability management activities comply with relevant security standards, regulations, and industry best practices.
  • Support audit and compliance efforts by providing accurate and timely information on vulnerability management activities and remediation efforts.
  • Manage risk by developing and implementing strategies to mitigate vulnerabilities before they can be exploited.

Research and Innovation:

  • Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to vulnerability development and security operations.
  • Evaluate new Continuous Monitoring tools, technologies, and techniques to improve the organization's security posture and stay ahead of potential threats.

Qualifications:

  • Proven experience as a Enterprise Vulnerability Monitoring Developer, with a focus on security operations and vulnerability management.
  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field or equivalent experience.
  • Proven experience in Continuous Monitoring (ServiceNow, ect…) development and security operations, with a successful track record of leading Continuous Monitoring projects from conception to implementation.
  • In-depth knowledge of vulnerability discovery tools (e.g., Qualys, Aqua, SkyBox) and their integration with a Vulnerability Monitoring Platform.
  • Proficiency in scripting and development within industry related vulnerability management platforms (e.g., JavaScript, GlideScript) to customize and optimize workflows.
  • Strong leadership abilities, with experience in managing technical teams and driving successful outcomes.
  • Excellent problem-solving skills, analytical mindset, and a proactive approach to addressing security challenges.

Preferred Qualifications

  • Experience in cybersecurity, vulnerability management, and security operations within large enterprises.
  • Familiarity with ITIL practices and certification.
  • Knowledge of regulatory requirements and compliance related to cybersecurity and vulnerability management.
  • Experience in managing security projects and driving process improvements.

Skills:

  • Influence
  • Risk Management
  • Solution Design
  • Stakeholder Management
  • Technical Strategy Development
  • Analytical Thinking
  • Application Development
  • Collaboration
  • Result Orientation
  • Solution Delivery Process
  • Agile Practices
  • Architecture
  • Automation
  • Data Management
  • DevOps Practices
1st shift (United States of America)