Cyber Risk Analyst, AVP

New York, NY (Hybrid) Salary Range: $110,000 - $130,000 The Cyber Risk Analyst acts as a subject matter expert in vulnerability management and plays a key role in mitigating enterprise risk for Apple Bank. This position is responsible for utilizing the Qualys platform to identify, assess, and prioritize vulnerabilities, while collaborating closely with IT and other business units throughout the organization to facilitate prompt remediation. Additionally, the Analyst will support security information and event management (SIEM) operations, identity monitoring, and broader security operations center (SOC) activities in coordination with the Bank’s managed security service provider (MSSP). ESSENTIAL DUTIES & RESPONSIBILITIES Act as a subject matter expert on vulnerability management, providing guidance on the identification, assessment, and remediation of vulnerabilities using Qualys. Perform regular Qualys scans, validate results, and prioritize findings based on risk and business impact. Partner with IT teams and system owners to recommend remediation strategies, apply compensating controls, and track remediation progress. Provide input on vulnerability management processes and help refine workflows to improve efficiency and reduce risk exposure. Generate key performance and risk metrics to demonstrate vulnerability management progress and security value to management. Integrate vulnerability data into SIEM platforms to improve detection capabilities and incident response readiness. Recommend new detections for SIEM data sources and continuously tune existing detections to reduce false positives and improve visibility into true threats. Investigate identity-related alerts using Microsoft Defender for Identity to detect compromised accounts and abnormal activity. Support proactive investigations into malware, phishing, and anomalous behaviors with a focus on identifying root causes and driving remediation. Maintain up-to-date documentation and playbooks for vulnerability management activities, SOC processes, and detection use cases. Stay current on emerging threats, newly disclosed common vulnerabilities and exposures (CVEs), and attack techniques to advise leadership on risk implications. Provide timely reporting on open vulnerabilities, remediation status, SOC tickets, and overall incident trends. Perform additional duties as assigned. SKILLS, EDUCATION, & EXPERIENCE A bachelor’s degree in computer science, information systems management, or a related discipline is preferred; alternatively, demonstrated equivalent experience and expertise will be considered. Minimum of 4 years of practical experience in vulnerability management platforms (with a strong preference for Qualys), including activities such as scanning, risk scoring, and providing remediation support. Previous experience within the financial services or banking sector is highly desirable. Proficiency with SIEM platforms and identity monitoring solutions (e.g., Microsoft Defender for Identity). Exceptional communication abilities with the capability to convey technical vulnerabilities in terms relevant to business risk. Proven ability to work autonomously, effectively prioritize assignments, and drive remediation efforts through to completion. Comprehensive understanding of security concepts, including CVEs, patch management, and compensating controls. Experience in developing or refining detection rules within SIEM environments. Background in threat hunting or incident response. Experience working with Google SecOps (Chronicle) or other cloud-native SIEM solutions. Knowledge of regulatory frameworks such as FFIEC, GLBA, NIST, and their relevance to vulnerability and risk management practices. Familiarity with security technologies including firewalls, email filtering systems, and CASB solutions. Willingness and availability to provide support outside standard business hours. Visa sponsorship not available. We are an equal opportunity employer and do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, military and/or veteran status, or any other Federal or State legally-protected classes. Since 1863, Apple Bank has been a stable banking presence in New York City and its surrounding communities. We seek to put the best interests of our customers first and to manage our company prudently and responsibly. When you join the Apple Bank team, you’ll be working with a group of dedicated and talented professionals focused on delivery of an outstanding customer experience. For more than 160 years, Apple Bank has been invested in our customers and communities, striving always to put their best interests first. Along the way, our employees have been the key to our success. Whether you’re just beginning, continuing or changing your career, Apple Bank offers a range of career opportunities. We’ll support you in developing your potential to the fullest, while you contribute to our growth and success. Apple Bank's employment policy is to provide equal opportunity to all persons. The Bank prides itself in having a diverse and inclusive workforce. No employee or applicant for employment will be discriminated against because of race, color, citizenship status, religion, sex, sexual orientation, creed, national origin, age, physical or mental disability, veteran status, political affiliation, domestic violence victim status, predisposing genetic characteristic, or any other Federal or State legally-protected classes. Apple Bank will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities unless the accommodation would impose an undue hardship on the operation of our business. If you are interested in applying for an employment opportunity and feel you need a reasonable accommodation pursuant to the ADA, please contact us at [email protected]. Know Your Rights: The Pay Transparency Notice: Apply tot his job