VP Threat and Vulnerability Officer
Lead the testing activities to identify, prioritize and resolve threats and vulnerabilities in computer systems and networks throughout the corporate environment. Configure, manage and maintain security tools for prevention, detection and identification of cyber threats. Evaluate vendors and tools used to identify and track vulnerabilities and their remediation across all corporate systems. Mentor junior staff to help develop their skills and abilities in security testing.
- Perform monthly scans using scanners such as Nmap, Nessus Qualys, etc., to identify and track vulnerabilities and fixes.
- Direct and conduct penetration tests and testing on an as needed basis.
- Use custom scripts to facilitate security testing.
- Mentor testing staff and help in their development of testing skills.
- Lead the monitoring of web traffic for patterns of malicious activity.
- Lead the monitoring of the main Anti-virus console for infected machines and investigate them.
- Configure, administer and monitor the SIEM solution (Alien Vault).
- Evaluate products and technologies for improving the banks security posture.
- Participate in the Integration of threat modeling practices into the vulnerability management standards, policies, procedures and protocols.
- Maintain close working relationships with internal departments and external vendors and partners to communicate technical issues and vulnerability findings.
- Translate complex security issues into layman’s language, providing support and assistance as needed to ensure understanding and action by the appropriate parties.
- Research and keep abreast of information security issues and incidents occurring nationally and internationally while defining and advancing threat and risk concerns.
- Perform user access reviews for regulatory reasons (for example PCI and GLBA) as needed.
- Perform vendor security reviews as needed.
- Perform other related duties as assigned.
- An undergraduate degree in information systems or a related field
- A minimum of 5 – 8 years related hands on experience in security assurance, penetration testing or vulnerability management, security systems including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Previous experience with application security source code reviews, commercial and open-source network and application testing tools
- Certifications in one or more of the following: CISSP, GIAC, CEH, ECSA
Employment with The Bancorp includes successfully passing a background check including credit, criminal, OFAC, education and past employment.
The Bancorp is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability.
The Bancorp is an Equal Opportunity Employer