Cyber Security Analyst I-Vulnerability Management
SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries.
Role Description
As a Vulnerability Management Analyst, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of dedicated professionals and leverage this passion to ensure our vulnerability remediation activities are effective and efficient and that we keep pace with a rapidly changing threat landscape.
The Vulnerability Management team is responsible for working with relevant stakeholders to identify, analyze, mitigate, and report on vulnerabilities. The goal is to take a proactive and risk-based approach to identifying and addressing gaps within SMBC to protect the Bank's network and data from a cyber-attack.
In this role, you will be responsible for configuring scans, researching the latest threats, conducting risk assessments, coordinating remediation of identified risks, and reporting on compliance levels and opportunities for improvement across the enterprise. This role requires a quick learner that is proactive, diligent, and organized.
Role Objectives
1. Triage vulnerability alerts from security tools, external intelligence providers, penetration tests, and user-reported findings to assess impact to the organization.
2. Configure network, infrastructure, and/or application vulnerability scans and policy checks and conduct manual testing as needed to validate findings.
3. Liaise with various business units to conduct vulnerability assessments, consult on risk reduction strategies, and supervise remediation.
4. Conduct attack surface risk modeling and articulate high-risk areas to stakeholders in collaboration with Threat Intelligence and Threat Hunting functions.
5. Assist in production of periodic vulnerability management reports and statistics for management.
6. Tune vulnerability management tools to increase coverage and improve processes.
7. Liaise with Optimization team to set up detections and mitigations.
8. Support culture of continuous improvement by proactively investigating new risks and opportunities to strengthen Bank's security posture.
Qualifications and Skills
1. 2+ years of security, IT, compliance, audit, risk management, consulting, or application development experience.
2. Bachelor of Information Technology, Computer Science, or similar preferable.
3. Strong understanding of MITRE ATT&CK framework.
4. In-depth knowledge of network and web-based attacks.
5. Diligent, proactive, and strong attention to detail.
6. Strong critical analysis and problem-solving abilities.
7. Strong interpersonal and communication skills (written and verbal).
8. Demonstrated strong organizational, analytical, and problem-solving skills.
9. Ability to script tasks and automate processes is a plus.
10. Working knowledge of cloud technologies and containerized environments is a plus.
Additional Requirements
SMBC’s employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location.
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.
#J-18808-Ljbffr