Job Description:

Role

This role will focus on implementing and remediating identified vulnerabilities to our network devices, applications, databases, and other components of our IT infrastructure. Evaluate potential threats and work closely with IT and security teams to implement effective remediation strategies. Ensures the organization's systems are secure and compliant by implementing best practices for patch management, system hardening, and security configurations. This role is crucial in maintaining the organization's security posture and protecting critical assets from cyber threats.

Essential Duties & Responsibilities

• Collaborate and review with IT Security on regular vulnerability scans and assessments across the organization's IT environment using various tools. These platforms are essential for identifying and prioritizing security weaknesses, providing detailed insights that enable proactive risk reduction.


• Analyze and coordinate with IT Security for vulnerabilities and threats, determine their potential impact, and recommend strategies for risk prevention.


• Coordinate with IT and security teams to prioritize and apply security patches and updates, including managing patch deployments using company preferred patch management tools, which are critical for automating and streamlining the update process across large networks, reducing the risk of security breaches, and ensuring compliance with industry standards.


• Assist in investigating and resolving security incidents, providing expertise on vulnerability exploitation and mitigation.


• Generate detailed reports on vulnerabilities, their impact, and the status of remediation efforts. Communicate findings to stakeholders.


• Assist IT Security with audit requests and gathering necessary documentation.


• Ensure compliance with relevant security standards, policies, and regulations.


• Provide input on enhancements to scanning and reporting processes.


• Follow internal change management methodology by adhering to documentation and production change control processes when implementing product enhancements and maintenance to ensure a stable production environment.


• Perform other duties as assigned.


• Participate in proactive team efforts to achieve departmental and company goals.


• Must comply with current applicable laws, regulations and bank policies and procedures. Comply with all safety policies, practices and procedures. Report all unsafe activities to supervisor and/or Human Resources.

Knowledge & Skills

Experience

Three years of experience in vulnerability management, information security, or a related role. Experience with vulnerability management platforms (e.g., WSUS, SCCM, PatchMyPC, and Qualys). In-depth knowledge of network protocols, operating systems, and common vulnerabilities. Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, and CIS). Strong analytical and problem-solving abilities. Experience with automation and orchestration tools for vulnerability management.

Education

A college degree in Computer Science, Information Technology, CyberSecurity, or a related field is preferred. Preferred certifications are CISSP or CompTIASecurity+.

Skills

A significant level of trust and diplomacy is required to be an effective subject matter expert in the position. In-depth dialogues, conversations and explanations with direct and indirect reports and outside vendors of a sensitive and/or highly confidential nature is a normal part of the day-to-day experience. Communications can involve motivating, influencing, educating and/or advising others on matters of significance.

Physical Requirement

Perform primarily sedentary work with limited physical exertion and occasional lifting of up to 40 lbs. Must be capable of climbing / descending stairs in emergency situation. Must be able to operate routine office equipment including telephone and copier. Must be able to routinely perform work on a computer for an average of 6-8 hours per day. Must be able to work extended hours whenever required or requested by management.

Regular in-office attendance required.

Job Requirement

Must have a valid driver's license and be able to drive an automobile.

Mental and/or Emotional Requirements

Must be able to perform job functions independently or with limited supervision and work effectively either on own or as part of a team. Must be able to read and carry out various written instructions and follow oral instructions. Must be able to speak clearly and deliver information in a logical and understandable sequence. Must be capable of dealing calmly and professionally with numerous different personalities from diverse cultures at various levels within and outside of the organization and demonstrate highest levels of customer service and discretion when dealing with the public. Must be able to perform responsibilities with composure under the stress of deadlines / requirements for extreme accuracy and quality and/or fast pace. Must be able to effectively handle multiple, simultaneous, and changing priorities. Must be capable of exercising highest level of discretion on both internal and external confidential matters. Must be able to complete complex mathematical calculations and spell accurately.

CapFed® is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.