Veritex Community Bank
Senior Vulnerability Analyst
Veritex Community Bank, Dallas, Texas, United States, 75215
Senior Vulnerability Analyst
Dallas, TX, USA
Req #259
Monday, September 16, 2024
Job Summary:We are seeking an experienced Vulnerability Analyst to join our security team. The successful candidate will be responsible for identifying and analyzing vulnerabilities in our systems and applications and collaborating with other team members to develop and implement remediation plans. The role requires a deep understanding of security principles, best practices, and experience with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
As a Vulnerability Analyst, you will play a critical role in ensuring the security of our organization's systems and data. You will work collaboratively with other members of the security team and IT teams to identify and remediate vulnerabilities in our environment. This position offers the opportunity to work with advanced security tools and technologies and to stay updated with the latest security trends and threats.
Key Responsibilities:
Conduct regular vulnerability assessments of systems and applications using tools like Tanium and Tenable.
Analyze and interpret vulnerability scan results, prioritizing vulnerabilities based on risk levels.
Collaborate with cross-functional teams to develop and implement effective remediation plans for identified vulnerabilities.
Conduct penetration testing and vulnerability research to identify new and emerging threats.
Develop, update, and maintain security policies, procedures, and best practices.
Monitor security logs and alerts to identify potential security incidents and respond appropriately.
Investigate security incidents to determine root causes and formulate remediation strategies.
Work with IT teams to ensure adherence to security policies and procedures.
Develop and deliver security training and awareness programs for employees.
Participate in internal and external security audits and assessments.
Stay abreast of emerging security threats, vulnerabilities, and industry best practices.
Provide technical guidance and mentorship to junior team members and peers.
Collaborate with other teams to implement security controls, technologies, and secure coding practices.
Participate in incident response activities as needed.
Communicate with senior management and stakeholders about security risks, vulnerabilities, and incidents.
Utilize ServiceNow Security Operations to manage and track security incidents and requests.
Coordinate with third-party vendors and service providers to ensure compliance with security policies and procedures.
Conduct risk assessments on new systems and applications before deployment.
Assist in the development and implementation of disaster recovery and business continuity plans.
Maintain comprehensive security-related documentation, including policies, standards, procedures, and guidelines.
Conduct security reviews and assessments of third-party vendors and service providers.
Provide input on the evaluation and selection of security tools and technologies.
Perform continuous security research and provide recommendations for new security products and services.
Assist in preparing and delivering security-related training and awareness programs.
Required Skills and Qualifications:
Bachelor's degree in Computer Science, Information Technology, or a related field; or 10 years of equivalent experience.
Minimum of 5-7 years of experience in information security, focusing on vulnerability management and assessment.
Proficiency with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001, PCI DSS), and best practices.
Excellent analytical, problem-solving, and communication skills.
Ability to work independently and as a collaborative team member.
Relevant industry certifications such as CISSP, CISA, GIAC are a plus.
Experience with ServiceNow Security Operations.
Familiarity with common network and system architectures and cloud security solutions (e.g., AWS, Azure).
Experience with security incident response processes, SIEM platforms (e.g., Splunk, ArcSight, LogRhythm), EDR tools (e.g., Carbon Black, CrowdStrike, SentinelOne), and SOAR platforms (e.g., Demisto, Phantom, Swimlane).
Strong scripting skills in languages like Python or PowerShell.
Preferred Experience:
Experience with Security Information and Event Management (SIEM) platforms (e.g., IBM QRadar, McAfee Enterprise Security Manager, Rapid7 InsightIDR).
Knowledge of Network Intrusion Detection and Prevention Systems (NIDS/NIPS) (e.g., Snort, Suricata, Bro).
Familiarity with Cloud Security Posture Management (CSPM) tools (e.g., CloudCheckr, Dome9, Prisma Cloud).
Experience with Identity and Access Management (IAM) solutions (e.g., Okta, Ping Identity, ForgeRock).
Understanding of Data Loss Prevention (DLP) solutions (e.g., Symantec DLP, McAfee DLP, Forcepoint DLP).
Other Information:This position is an in-office role with one flex day per week to work from home. The work environment may involve exposure to sensitive or confidential information, and the successful candidate will be required to adhere to strict security protocols and requirements. The successful candidate must be able to maintain the highest level of confidentiality and exercise sound judgment in all aspects of their work.
Company Overview:Truth in Texas Banking. That's what we're about. Founded in 2010, we are one of the ten largest banks headquartered in the state of Texas. We became a publicly traded company in 2014 and in 2020 and 2021 we were listed on Fortune's 100 Fastest Growing Companies. Headquartered in Dallas, Texas, we've built a bank forever rooted in truth, transparency, and uncompromising integrity.
We know our strongest asset is the passion, authenticity, and talent of our people. We focus on the growth and development of each team member to unlock potential to "Be Your True Self." Our "True You" culture is made up of five pillars:
Be Mindful
Be Healthy
Be Better
Be Prosperous
Be Faithful
With this as our foundation, we've built a bank of people who are transparent, tell the truth, and act with integrity. We unite together in common purpose - caring deeply for our clients and communities, communicating openly with each other, and treating everyone with respect.
Work environment and Physical demands:
The employee may occasionally lift and/or move up to 25 pounds. The employee may occasionally stand, walk, reach, climb, balance, stoop, kneel, crouch, or crawl. The work environment and physical demands are those of a standard office setting. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Disclaimer:
This job description is not an inclusive list of all duties and responsibilities of the position. Incumbents will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. Veritex Bank reserves the right to amend and change responsibilities to meet business and organizational needs.
This document does not create an employment contract, implied or otherwise, other than an "at will" relationship. Veritex Community Bank is an equal opportunity employer. Veritex Community Bank Corporate Human Resources, Dallas, Texas.
#J-18808-Ljbffr
Dallas, TX, USA
Req #259
Monday, September 16, 2024
Job Summary:We are seeking an experienced Vulnerability Analyst to join our security team. The successful candidate will be responsible for identifying and analyzing vulnerabilities in our systems and applications and collaborating with other team members to develop and implement remediation plans. The role requires a deep understanding of security principles, best practices, and experience with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
As a Vulnerability Analyst, you will play a critical role in ensuring the security of our organization's systems and data. You will work collaboratively with other members of the security team and IT teams to identify and remediate vulnerabilities in our environment. This position offers the opportunity to work with advanced security tools and technologies and to stay updated with the latest security trends and threats.
Key Responsibilities:
Conduct regular vulnerability assessments of systems and applications using tools like Tanium and Tenable.
Analyze and interpret vulnerability scan results, prioritizing vulnerabilities based on risk levels.
Collaborate with cross-functional teams to develop and implement effective remediation plans for identified vulnerabilities.
Conduct penetration testing and vulnerability research to identify new and emerging threats.
Develop, update, and maintain security policies, procedures, and best practices.
Monitor security logs and alerts to identify potential security incidents and respond appropriately.
Investigate security incidents to determine root causes and formulate remediation strategies.
Work with IT teams to ensure adherence to security policies and procedures.
Develop and deliver security training and awareness programs for employees.
Participate in internal and external security audits and assessments.
Stay abreast of emerging security threats, vulnerabilities, and industry best practices.
Provide technical guidance and mentorship to junior team members and peers.
Collaborate with other teams to implement security controls, technologies, and secure coding practices.
Participate in incident response activities as needed.
Communicate with senior management and stakeholders about security risks, vulnerabilities, and incidents.
Utilize ServiceNow Security Operations to manage and track security incidents and requests.
Coordinate with third-party vendors and service providers to ensure compliance with security policies and procedures.
Conduct risk assessments on new systems and applications before deployment.
Assist in the development and implementation of disaster recovery and business continuity plans.
Maintain comprehensive security-related documentation, including policies, standards, procedures, and guidelines.
Conduct security reviews and assessments of third-party vendors and service providers.
Provide input on the evaluation and selection of security tools and technologies.
Perform continuous security research and provide recommendations for new security products and services.
Assist in preparing and delivering security-related training and awareness programs.
Required Skills and Qualifications:
Bachelor's degree in Computer Science, Information Technology, or a related field; or 10 years of equivalent experience.
Minimum of 5-7 years of experience in information security, focusing on vulnerability management and assessment.
Proficiency with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001, PCI DSS), and best practices.
Excellent analytical, problem-solving, and communication skills.
Ability to work independently and as a collaborative team member.
Relevant industry certifications such as CISSP, CISA, GIAC are a plus.
Experience with ServiceNow Security Operations.
Familiarity with common network and system architectures and cloud security solutions (e.g., AWS, Azure).
Experience with security incident response processes, SIEM platforms (e.g., Splunk, ArcSight, LogRhythm), EDR tools (e.g., Carbon Black, CrowdStrike, SentinelOne), and SOAR platforms (e.g., Demisto, Phantom, Swimlane).
Strong scripting skills in languages like Python or PowerShell.
Preferred Experience:
Experience with Security Information and Event Management (SIEM) platforms (e.g., IBM QRadar, McAfee Enterprise Security Manager, Rapid7 InsightIDR).
Knowledge of Network Intrusion Detection and Prevention Systems (NIDS/NIPS) (e.g., Snort, Suricata, Bro).
Familiarity with Cloud Security Posture Management (CSPM) tools (e.g., CloudCheckr, Dome9, Prisma Cloud).
Experience with Identity and Access Management (IAM) solutions (e.g., Okta, Ping Identity, ForgeRock).
Understanding of Data Loss Prevention (DLP) solutions (e.g., Symantec DLP, McAfee DLP, Forcepoint DLP).
Other Information:This position is an in-office role with one flex day per week to work from home. The work environment may involve exposure to sensitive or confidential information, and the successful candidate will be required to adhere to strict security protocols and requirements. The successful candidate must be able to maintain the highest level of confidentiality and exercise sound judgment in all aspects of their work.
Company Overview:Truth in Texas Banking. That's what we're about. Founded in 2010, we are one of the ten largest banks headquartered in the state of Texas. We became a publicly traded company in 2014 and in 2020 and 2021 we were listed on Fortune's 100 Fastest Growing Companies. Headquartered in Dallas, Texas, we've built a bank forever rooted in truth, transparency, and uncompromising integrity.
We know our strongest asset is the passion, authenticity, and talent of our people. We focus on the growth and development of each team member to unlock potential to "Be Your True Self." Our "True You" culture is made up of five pillars:
Be Mindful
Be Healthy
Be Better
Be Prosperous
Be Faithful
With this as our foundation, we've built a bank of people who are transparent, tell the truth, and act with integrity. We unite together in common purpose - caring deeply for our clients and communities, communicating openly with each other, and treating everyone with respect.
Work environment and Physical demands:
The employee may occasionally lift and/or move up to 25 pounds. The employee may occasionally stand, walk, reach, climb, balance, stoop, kneel, crouch, or crawl. The work environment and physical demands are those of a standard office setting. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Disclaimer:
This job description is not an inclusive list of all duties and responsibilities of the position. Incumbents will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. Veritex Bank reserves the right to amend and change responsibilities to meet business and organizational needs.
This document does not create an employment contract, implied or otherwise, other than an "at will" relationship. Veritex Community Bank is an equal opportunity employer. Veritex Community Bank Corporate Human Resources, Dallas, Texas.
#J-18808-Ljbffr