Manager of Cyber Vulnerability Management (Hybrid or Remote)

Manager of Cyber Vulnerability Management (Hybrid or Remote)

Vacancy expired!

Zions Bancorporation is currently seeking a

Manager of Cyber Vulnerability Management (CVM) as part of our Enterprise Information Security department. Enterprise Information Security (EIS) is integrated with the Enterprise Technology and Operations division (1100+ technical people) at Zions Bancorporation. EIS is responsible for enabling secure innovation and business growth for 10,000+ employees across 11 states. EIS is undergoing rapid growth and we’re focused on creating a relevant program that will enable our organization’s long-term success. What’s great about our department is that we laugh with each other, have Executive and Board level visibility and support for our work, and are driving highly visible, enterprise-wide initiatives. We’re focused on creating business value and are seeking like-minded professionals to join our team!

The scope and impact of your work as a Manager of Cyber Vulnerability Management (CVM):

Lead a team of skilled analysts in order to improve vulnerability management lifecycle processes, including discovery, assets prioritization, vulnerability assessment, reporting, remediation, and validation.

Drive and oversee the development of vulnerability management (playbooks, run books, reporting, metrics to include key risk indicators, and executive level presentations).

Drive program maturity, reducing the time to vulnerability remediation by integrating technology platforms, automating processes, providing actional vulnerability remediation guidance.

Collaborate with cybersecurity and technology teams to research, recommend, and implement enterprise-wide changes.

Scope, plan, and facilitate vulnerability assessment and penetration testing technical assessments.

Build relationships and serve as a liaison between system/application owners and the CVM team.

Mentor team members in performing vulnerability risk management engagements.

Serve as an advisor, raising awareness of vulnerabilities, exposure, and business impact to enterprise systems.

Provide key input into information technology and cybersecurity strategies regarding asset management (especially end-of-life system management), application rationalization, information security control design and testing, risk assessment, threat intelligence, and other cybersecurity domains.

Your experiences and skills:

• At least 6 years’ experience with vulnerability assessment or penetration testing; combination of education and experience is acceptable
• Demonstrated experience managing a process delivery team to achieve defined targets for service levels, efficiency and quality, with at least two years directly supervising others
• Broad, current knowledge of cybersecurity domains, technologies, and vendor capabilities
• Strong communication and reporting skills, including written reports and business presentations
• Understanding of cybersecurity risk assessment, third-party risk management, and related processes and documentation
• Strong technical skills related to at least one of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security
• Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) or OWASP Risk Rating Methodology
• An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, spidering, application flow charting, and session analysis.
• Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Offensive Security Certified professional (OSCP), or other related security certifications preferred but not required

Location:
This position requires regular face-to-face interaction with teams, business stakeholders, and executives in the Salt Lake City, Utah, area. We will consider candidates in the area, able to relocate to the area, or working remotely but willing to travel regularly to Salt Lake City.

Pay Range:
$130,000 - $165,000

Zions Bancorporation’s Enterprise Technology and Operations (ETO) team is transforming what it means to work for a financial institution. We operate in a fast-paced, information-driven environment, which means we need people who bring diverse experiences, perspectives, and expertise to meet the ever-changing demands of a technology-driven world. We are grounded in the belief that “improving the work is the work” as we drive to create simple, easy, fast, and secure solutions for our customers. Your ability to adapt, learn, and innovate helps increase revenue, reduce operational costs, and mitigates risk.

ETO provides opportunities for you to own your career growth through Diversity, Equity, and Inclusion, Women in Technology, and Workforce of the Future initiatives that allow you to network across the organization, volunteer in our community, and build your technical and soft skills. Together we are building a culture that values diversity and creates a space of belonging for all our team members. We believe that investing in your success is an investment in our customers and our business. Our people are what sets us apart and make us great.