Lead, Security Engineer V&CM

Remote Full-time
OVERVIEW



The Company



U.S. Financial Technology (U.S. FinTech) is seeking an experienced Lead, Security Engineer Vulnerability and Configuration Management to join our team of talented professionals. This is a full-time remote opportunity.



U.S. FinTech built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.



Supporting 70% of the mortgage-backed securities in the market, U.S. FinTech provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.



Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

RESPONSIBILITIES



Job Information

The Lead Vulnerability and Compliance Analyst main responsibilities would be to act as a Subject Matter Expert for all programs within the VCM space. This would include conducting comprehensive vulnerability assessments using tools such as Wiz and Tenable. Leverage strong analytical and problem-solving skills to identify weaknesses in US FinTech’s IT Infrastructure. Communicate findings effectively, via reports/meetings to prioritize vulnerability remediation. Utilize the developed processes to track, prioritize, and ensure remediation of found vulnerability and compliance issues. Continuous monitor US FinTech infrastructure for Vulnerability and Compliance related issues. Make Improvements to monitors, scans, dashboards, and reporting. Ability to work independently and in a team environment, collaborate effectively with other InfoSec Teams and IT Infrastructure teams. Eager to learn and adapt to emerging cloud technologies and tools in a fast-paced environment.

Key Job Functions

Vulnerability Assessment

Act as a Subject Matter Expert for the VCM program, processes, and tooling.

Configure, tune, and maintain vulnerability management tools

Work with Security Architecture on new build outs, new business, new technologies, new environments to ensure coverage of VCM programs, processes, and tooling.

Build out new Security baselines for CIS, DISA STIG, and custom baselines.

Correlate Vulnerabilities with threat intelligence to assess exploitability and risk. Work with Cyber Security Operations Center to ensure mitigations are in place while vulnerabilities are being remediated

Provide detailed risk assessments for discovered vulnerabilities.

Enforce remediation timelines in accordance with Standard Operating Procedures.

Remediation Tracking & Reporting



Collaborate with IT and DevOps teams to ensure timely remediation of vulnerabilities

Conduct regular and ad-hoc vulnerability scans using tools like Wiz or Tenable

Integrate tools with all cloud environments. Ensure complete coverage of all IT environments.

Ensure alignment with internal security policies, regulatory requirements (NIST/SOC), and industry best practices.

Support audits and assessments by providing evidence and documentation.

Stakeholder Engagement



Act as a liaison between security, IT, development, and risk teams

Provide clear, actionable recommendations tailored to technical and non-technical audiences.

Mentor Junior Analysts



Provide guidance and training to junior members of the VCM team.

Process Improvements



Identify potential gaps in the vulnerability or compliance management programs and propose improvements.

Develop and maintain Standard Operating Procedures, Frameworks, and Job Aids/HowTos.

QUALIFICATIONS



Education

Bachelor's Degree or equivalent required.BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field. Master’s Degree is a plus.



Minimum Experience



Minimum of 7 years of experience with security engineering and operations, as well as experience managing and supporting large, complex mission-critical systems and with Vulnerability management tools, patching processes and tools, VM operation/workflow, or configuration/Baseline/File-integrity monitoring applications and processes.

Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. U.S. FinTech does not offer H-1B sponsorship for this position.



Specialized Knowledge & Skills



Subject matter expert of cloud based critical infrastructure systems and security threats for these systems (AWS Cloud experience required)

Subject matter expert with cyber security in the domains of vulnerability and compliance management.

Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, understanding of attacks, and determination of countermeasures.

Subject matter expert of network and system vulnerabilities, malware, networking protocols, multi-tiered applications, and attack methods to exploit vulnerabilities.

Experience in senior technical security role, including network security, operating system security, Internet or Web security, and vulnerability testing.

Strong knowledge of networking fundamentals such as TCP/IP and basic packet analysis, network engineering, and local and wide area (LAN/WAN) technologies and topologies.

Must have experience conducting comprehensive vulnerability assessments with vulnerability monitoring tools (Wiz and Tenable).

General knowledge and experience in Windows / Linux Operating Systems, baseline security configurations, audit, forensics, Patch Management for these OSs.

Experience developing Standard Operating Procedures (SOPs), job aids, and hands-on training materials.

Be able to work in fast paced environment with occasional on-call activities.

Excellent interpersonal skills, presentation skills, and verbal / written communication skills.

Self-starter; adaptable to change; motivated to set personal and program goals and pro-actively track performance against goals and initiatives.

Ability to manage multiple priorities – projects, deliverables, and stakeholders.

Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives.

Active in the security industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies.

AWS Security, AWS Architect certifications desired.

Pay Range $156,500 to $181,000

U.S. FinTech's pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) a candidate’s qualifications, skills, competencies, and experience, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. U.S. FinTech offers a competitive total compensation package, which includes a performance bonus, 401k match, healthcare coverage, PTO, and a broad range of other benefits.



Employment

As a condition of employment with U.S. Financial Technology, any successful job applicant will be required to successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.



U.S. Financial Technology is an Equal Opportunity Employer.



##LI-Remote
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Analyst, Resy Revenue Operations

Remote

Part-Time Customer Service Representative – Member & Provider Support Specialist at arenaflex

Remote

Data Entry Typist - Part-Time Remote Opportunity with blithequark

Remote

Team Lead – Principal Software Engineer - TS/SCI

Remote

Intercultural Programs Administrative Associate

Remote

Lifecycle Marketing Specialist (Email & SMS Focus)

Remote

CVS Customer Service Representative Remote Jobs - Currently Recruiting

Remote

Delta Remote Jobs (Data Entry) Work From Home

Remote

Remote Call Center Representative

Remote

Remote Chat Moderator Opportunity at blithequark - Work from Home with Competitive Pay ($25-$35/hr) and No Experience Required

Remote
← Back