Security Engineer (Vulnerability Management) with recent Banking experience

:

Security Engineer (Vulnerability Management) with banking experience recent

Required Location: Hybrid/Midtown New York City or Troy, MI 3 days a week.

*** We need: IT Security Engineer with a strong understanding of vulnerability management, risk assessment, and security best practices within the banking sector. The ideal candidate will have hands-on experience in identifying, analyzing, and remediating vulnerabilities in critical banking systems and applications. The role demands proficiency in security tools, methodologies, and regulatory compliance standards. The Security Engineer will work closely with internal teams to ensure the bank's infrastructure, applications, and services remain secure against evolving threats. Ensure the implementation and maintenance of security controls in alignment with banking regulations , including GLBA , PCI-DSS , and other financial industry security standards.

We are seeking an experienced IT Security Engineer with a strong understanding of vulnerability management, risk assessment, and security best practices within the banking sector. The ideal candidate will have hands-on experience in identifying, analyzing, and remediating vulnerabilities in critical banking systems and applications. The role demands proficiency in security tools, methodologies, and regulatory compliance standards. The Security Engineer will work closely with internal teams to ensure the bank's infrastructure, applications, and services remain secure against evolving threats.

Key Responsibilities:

• Vulnerability Management & Remediation:
• Identify, assess, and prioritize security vulnerabilities in banking applications, network infrastructure, and IT systems.
• Work with development and infrastructure teams to remediate vulnerabilities and weaknesses in a timely manner, minimizing security risks.
• Develop and implement vulnerability management programs, including regular vulnerability scans and patching processes.
• Maintain and manage tools such as Nessus, Qualys, or similar vulnerability management platforms to ensure the detection of security flaws.
• Security Monitoring & Incident Response:
• Monitor and analyze security logs, alerts, and events to identify potential security incidents, leveraging SIEM tools (e.g., Splunk, ArcSight, QRadar).
• Investigate, respond to, and escalate security incidents as necessary, ensuring timely resolution and documentation of incidents.
• Collaborate with the Incident Response team to support forensic investigations and mitigate ongoing security threats.
• Banking & Financial Security Standards:
• Ensure the implementation and maintenance of security controls in alignment with banking regulations, including GLBA, PCI-DSS, and other financial industry security standards.
• Apply security frameworks and best practices in compliance with industry standards like NIST, ISO 27001, and SOC 2.
• Stay up to date with regulatory changes, evolving cyber threats, and industry trends to ensure the organization's security posture remains compliant.
• Penetration Testing & Security Assessments:
• Conduct or coordinate regular penetration tests and security assessments to proactively identify vulnerabilities in the bank's applications, networks, and systems.
• Provide recommendations for enhancing security architecture and application defense mechanisms based on test findings.
• Assist in vulnerability risk assessments to determine the severity and impact of potential threats on banking systems.
• Security Tools & Automation:
• Deploy, configure, and maintain security tools for vulnerability scanning, penetration testing, and threat intelligence.
• Develop and automate security monitoring processes using tools like Ansible, Puppet, or PowerShell.
• Assist in implementing security automation and orchestration for quicker identification and mitigation of vulnerabilities.
• Collaboration & Documentation:
• Work with IT, development, and operations teams to integrate security practices within DevOps pipelines and the SDLC (Software Development Life Cycle).
• Create and maintain security documentation, including vulnerability reports, risk assessments, security guidelines, and incident reports.
• Provide security training and awareness sessions for employees, focusing on threat prevention and safe security practices.
• Security Architecture & Risk Assessment:
• Review and provide recommendations on network architecture, cloud security, and security infrastructure.
• Collaborate with senior security architects to build and refine the bank's security architecture, with a particular focus on reducing risk exposure and improving overall system defenses.
• Identify risks, gaps, and weaknesses in the organization's security posture and recommend appropriate security controls to mitigate them.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field.
• 10+ years of hands-on experience in IT security, vulnerability management, and penetration testing, particularly within the banking or financial services industry.
• In-depth understanding of common security vulnerabilities (e.g., SQL injection, cross-site scripting, buffer overflow, etc.) and methods to mitigate them.
• Experience with vulnerability scanning tools such as Nessus, Qualys, or OpenVAS.
• Familiarity with security frameworks such as NIST, ISO 27001, PCI-DSS, and SOC 2.
• Strong understanding of network security, including firewalls, IDS/IPS, VPNs, and encryption protocols.
• Experience working with SIEM tools (e.g., Splunk, QRadar, ArcSight) to monitor, detect, and respond to security incidents.
• Knowledge of secure coding practices and experience working with developers to mitigate vulnerabilities in software.
• Familiarity with penetration testing tools like Metasploit, Burp Suite, and Kali Linux.
• Experience with cloud security in platforms like AWS, Azure, or Google Cloud.
• Solid understanding of incident response, including forensic analysis and security breach containment.
• Excellent communication skills with the ability to write clear, concise documentation and present complex security findings to technical and non-technical audiences.
• Certifications (preferred but not required):
• CISSP (Certified Information Systems Security Professional)
• CEH (Certified Ethical Hacker)
• CompTIA Security+
• CISA (Certified Information Systems Auditor)

Preferred Qualifications:

• Experience in banking environments with a focus on regulatory compliance and financial security standards.
• Familiarity with DevSecOps practices and security integration in the SDLC.
• Experience with security automation and orchestration tools (e.g., Ansible, Puppet, Chef).
• Knowledge of risk management frameworks and tools, such as RiskWatch or RiskMatrix.

Job Types: Full-time, Contract

Pay: $110,000.00 - $150,000.00 per year

Application Question(s):

• What's your visa status and current location?

Experience:

• IT security, vulnerability mgmt, pen testing, in banking: 10 years (Required)
• SQL injection, cross-site scripting: 3 years (Required)
• Nessus, Qualys, or OpenVAS: 3 years (Required)
• NIST, ISO 27001, PCI-DSS, and SOC 2: 3 years (Required)
• SIEM tools (e.g., Splunk, QRadar, ArcSight: 3 years (Required)
• Metasploit, Burp Suite, and Kali Linux: 2 years (Required)
• AWS, Azure, or Google Cloud: 3 years (Required)

License/Certification:

• CISSP/CEH/CISA/CompTIA Security+ (Required)

Ability to Commute:

• New York, NY 10001 (Required)

Work Location: In person