Skip to main content

Vulnerability Engineer

Denver, CO, United States

Job number: 19063901

Back to job search results

Job Description:

Member of the Vulnerability Identification team responsible for supporting all Vulnerability management activities. Individual Contributor role involves supporting Endpoint Scanning, Compliance Monitoring & Vulnerability Analysis functions using Qualys, Symantec ESM/CCS & GRC tools.  As a Team Member you will also be responsible for supporting scanning operations and deep dive analysis/verification of network and web-based findings.  You will leverage your knowledge of penetration testing tools/techniques to identify, validate, escalate, and drive risks to closure through partnership with supporting information security teams.  You will also analyze/respond to issues requiring the use of complex data (multi-structured, "big data") to fulfill requests for information from business partners (internal & external).   Provide governance, guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation by utilizing advanced techniques (text mining, statistical analysis).  Provide information to stakeholders for their meetings to illustrate and communicate the state of information security risk relative to mitigating vulnerabilities that may impact operations, or that may cause reputation risk to the organization.

A successful candidate will be team oriented, collaborative, persistent, analytical, and detail oriented so that changes detected in the environment via scanning are assessed for risk and escalated appropriately.  Typically 5-7 years of IT experience with 3+ of those focused towards penetration testing.

Required Skills:
• Strong Project Management skills.
• Coordinates delivery of project milestones, ensures projects stay on target, escalating and identifying roadblocks.
• Must be able to identify, analyze and address problems to resolve issues whenever possible in way that minimizes negative impact and risk to the organization
• A broad knowledge of information security principles
• Solid experience in Vulnerability Scanning & Compliance Monitoring using Qualys and equivalent tools
• Ability to work independently on initiatives with little oversight.
• Motivated and willing to learn.
• Strong analytical skills/problem solving/conceptual thinking.
• Effective communication skills
• Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Must have strong leadership skills and qualities which enable you to work with peers and various levels of management
• Ability to write scripts and query databases to extract and transform data.
• Exceptional analytical and critical thinking abilities; Able to develop and convey a point of view
• Knowledge of industry standard scoring models such as CVSS, CCSS.
• Knowledge of vulnerability attack methods.
• Ability to think strategically and execute against a strategic plan
• Professionalism, dependability, integrity and trustworthiness combined with a cooperative attitude. Able to thrive in a dynamic team environment
• Highly motivated self-starter with ability to multitask and complete assignments within time constraints and deadlines. Individual with desire to learn and teach others, high energy, positive attitude
• Subject matter expertise in one or more of the following:
 Databases: Oracle, MSSQL, DB2, MySQL, SyBase
 OS: Windows, UNIX/Linux
 Middleware: Weblogic, WebSphere, Tomcat, Apache, IIS
 Bladelogic
 Scripting: Python, SQL, PHP, BASH

Desired Skills:
• Bachelor's degree in Information Technology or related field
• Strong analytical skills/problem solving/conceptual thinking
• Ability to work with Technical and Non-Technical business owners
• Assist with internal efficiencies projects and development
• Experience with "big data" tools/techniques
• CISSP

Posting Date: 09/20/2019

Location:
Denver, CO, REPUBLIC PLAZA, 370 17TH ST,
- United States

Travel: No

Full / Part-time: Full time

Hours Per Week: 40

Shift: 1st shift

Already have a candidate profile? Log in to access and update your current profile to access and update your current profile.

Assistance for Applicants with Disabilities

Bank of America is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please visit the Applicants with Disabilities page.

Diversity & Inclusion

At Bank of America, our commitment to diversity and inclusion is helping us to create not only a great place to work, but also an environment where our employees, our customers and our communities around the world can reach their goals and connect with each other. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Frequently Asked Questions

Need to know how to apply online, view a list of your submitted job applications or reset your password? Visit our FAQ section for answers to these questions and more.

Bank of America Employees

Bank of America employees should access the internal jobs database.