The Bancorp Bank

  • VP Threat and Vulnerability Officer

    Job Location US-DE-Wilmington
    Type
    Regular Full-Time
  • Overview

    Position Summary

    Lead the testing activities to identify, prioritize and resolve threats and vulnerabilities in computer systems and networks throughout the corporate environment. Configure, manage and maintain security tools for prevention, detection and identification of cyber threats. Evaluate vendors and tools used to identify and track vulnerabilities and their remediation across all corporate systems. Mentor junior staff to help develop their skills and abilities in security testing.

    Responsibilities

    Duties and Responsibilities:   

    1. Perform monthly scans using scanners such as Nmap, Nessus Qualys, etc., to identify and track vulnerabilities and fixes.
    2. Direct and conduct penetration tests and testing on an as needed basis.
    3. Use custom scripts to facilitate security testing.
    4. Mentor testing staff and help in their development of testing skills.
    5. Lead the monitoring of web traffic for patterns of malicious activity.
    6. Lead the monitoring of the main Anti-virus console for infected machines and investigate them.
    7. Configure, administer and monitor the SIEM solution (Alien Vault).
    8. Evaluate products and technologies for improving the banks security posture.   
    9. Participate in the Integration of threat modeling practices into the vulnerability management standards, policies, procedures and protocols.
    10. Maintain close working relationships with internal departments and external vendors and partners to communicate technical issues and vulnerability findings.
    11. Translate complex security issues into layman’s language, providing support and assistance as needed to ensure understanding and action by the appropriate parties.
    12. Research and keep abreast of information security issues and incidents occurring nationally and internationally while defining and advancing threat and risk concerns.
    13. Perform user access reviews for regulatory reasons (for example PCI and GLBA) as needed.
    14. Perform vendor security reviews as needed.
    15. Perform other related duties as assigned.

    Qualifications

    Education/Experience:

    • An undergraduate degree in information systems or a related field
    • A minimum of 5 – 8 years related hands on experience in security assurance, penetration testing or vulnerability management, security systems including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
    • Previous experience with application security source code reviews, commercial and open-source network and application testing tools
    • Certifications in one or more of the following: CISSP, GIAC, CEH, ECSA

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed