Vulnerability Analyst (Fintech)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Vulnerability Analyst (Cybersecurity/Fintech): Reducing risk to global IT infrastructure by executing a risk-based vulnerability management (RBVM) program with an accent on scan analysis, remediation coordination, and automation. Focus on integrating security data from multiple technologies, automating detection workflows, and assessing emerging threats to strengthen the organization's security posture.
Location: Must be based in Chicago, IL; follows a four-day in-office work model. Candidates must be legally authorized to work in the United States without visa sponsorship.
Salary: $93,500–$121,000
Company
provides the financial infrastructure that powers the global economy, delivering cutting-edge trading, clearing, and investment solutions.
What you will do
- Execute and improve the Risk-Based Vulnerability Management (RBVM) program to reduce global IT infrastructure risk.
- Analyze vulnerability scan results and coordinate remediation efforts with global infrastructure and application teams.
- Automate and integrate vulnerability detection, analysis, and reporting to improve scalability and accuracy.
- Normalize security data from various technologies to streamline analysis and response.
- Partner cross-functionally to ensure policy compliance and continuous improvement of security controls.
- Evaluate emerging threats and vulnerabilities to assess their impact on the organization's security posture.
Requirements
- Minimum 1 year of experience in security or security-adjacent roles and 1 year in core IT (system or network administration).
- Hands-on experience with vulnerability management tools such as Qualys, Tenable, Rapid7, Wiz, Reco, Obsidian, AppOmni, or Aqua.
- Scripting and automation skills using Python.
- Proficiency with Linux/Unix and Windows environments and network device debugging.
- Experience creating reporting visualizations using tools such as Power BI, Sigma, or Snowflake.
- Must be legally authorized to work in the US without the need for employer sponsorship now or in the future.
Nice to have
- Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related technical field.
- Information security certifications such as GPEN, Security+, CISSP, OSCP, CEH, or LPT.
- Experience using Atlassian Jira and Confluence, including workflow design and automation.
- Advanced usage of AI productivity tools such as Copilot, Claude Code, or Cursor.
Culture & Benefits
- Competitive salary and incentive compensation packages with upside for overachievement.
- 2:1 401(k) match, up to 8% immediately upon hire.
- Flexible, hybrid work environment with a four-day in-office model.
- Comprehensive health, dental, and vision benefits, including telemedicine and mental health services.
- Generous paid time off, including vacation, personal, sick, and community service days.
- Perks include complimentary office lunch, snacks, coffee, and tuition assistance.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →