[Remote] Vulnerability Management Analyst

Remote Full-time
Note: This is a remote job open to candidates in the USA.

Connexus Credit Union is a member-focused cooperative serving members across all 50 states. They are seeking a Vulnerability Management Analyst to conduct vulnerability scans, analyze results, prioritize vulnerabilities, and ensure compliance with regulatory guidance while collaborating with various teams to remediate identified risks.

Responsibilities

- Conduct regular vulnerability scanning of networks, servers, endpoints, cloud environments, and applications using approved tools
- Analyze scan results to identify false positives, determine exploitability, and assess business and regulatory risk
- Prioritize vulnerabilities based on CVSS scores, threat intelligence, asset criticality, and financial institution risk impact
- Track vulnerabilities through remediation, validation, and closure using ticketing or governance platforms
- Perform re-scans to validate remediation effectiveness
- Ensure vulnerability management practices align with the FFIEC Cybersecurity Assessment Tool (CAT), NCUA or banking regulatory guidance, the GLBA Safeguards Rule, and internal Information Security and Risk Management policies
- Prepare documentation, metrics, and evidence for internal audits, regulatory exams, and third-party assessments
- Support risk acceptance decisions by documenting compensating controls and residual risk
- Partner with IT infrastructure, application development, cloud, and network teams to remediate identified risks
- Translate technical vulnerabilities into clear business risk language for leadership and non-technical stakeholders
- Provide guidance on secure configuration, patching, and vulnerability mitigation strategies
- Participate in security incident response activities when vulnerabilities are exploited or pose imminent risk
- Monitor emerging threats, zero-day vulnerabilities, and industry advisories relevant to financial services
- Contribute to vulnerability management policies, standards, and procedures
- Assist with penetration testing coordination and result analysis
- Collect, organize, and maintain security control evidence and artifacts for monthly continuous monitoring deliverables and assessment/authorization activities, ensuring alignment with required frameworks
- Maintain accurate system inventory and authorization boundary documentation to ensure scanning scope aligns with approved system boundaries
- Analyze scan results for false positives, document justifications, and prepare deviation requests with supporting risk assessments
- Participate in change management processes to ensure continuous monitoring activities align with system changes and maintain compliance posture
- Support and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches
- Run regular and on-demand scans across operating systems, databases, web applications, and containers, then work with technical teams to create tickets for remediation
- Track and document vendor dependencies, operational requirements, and open vulnerabilities, producing clear monthly reports and updates
- Contribute to improving internal standards and processes, including maintaining documentation, training materials, and standard operating procedures
- Run the daily vulnerability management program operations, work closely with the patch management analyst in identifying and patching vulnerabilities, and actively participate in weekly vulnerability management team meetings
- Comply with all Federal Regulations as they pertain to your job duties, including BSA

Skills

- Bachelor's degree in Information Security, Computer Science, Information Technology or commensurate experience is Required
- 3+ years professional work experience in vulnerability management, security operations, or IT risk within a regulated environment is Required
- Prior experience with financial industry regulations and frameworks (FFIEC, NCUA, GLBA, NIST) is Required
- Hands-on experience with vulnerability scanning tools, such as Tenable (Nessus, Tenable.io), Qualys, Rapid7 or similar platforms, is Required
- Strong understanding of network, operating system, and application vulnerabilities, patch management processes, and secure configuration standards (CIS Benchmarks) is Required
- Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) and risk prioritization frameworks, is Required
- Experience delivering monthly or periodic vulnerability status reports and tracking remediation efforts with internal and external teams is Required
- The GIAC (GSEC or GEVA) certification is preferred upon hire, although required to be completed within 6 months of hire

Benefits

- 25 days of paid time off and 10 paid holidays
- 16 hours of paid Volunteer Time Off
- 401K Retirement with up to 6% employer match
- Excellent Health, Dental, Vision insurance, including multiple plan options
- Health Savings Account with generous employer contributions
- Employer paid Life insurance, Short-Term and Long-Term Disability
- Tuition Reimbursement from $4,000 - $7,000 per calendar year
- Robust Learning and Development program that includes an annual professional development stipend

Company Overview

Connexus Credit Union provides accounting, financial, banking, loan, savings and credit services. It was founded in 1935 and is headquartered in Wausau, Wisconsin, USA, with a workforce of 501-1000 employees. Its website is https://www.connexuscu.org/.
