Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Vulnerability Management Lead

Expired Job

Hsbc Jersey City , NJ 07097

Posted 3 months ago

The role of the Senior Vulnerability Management Engineer will be to work within the Vulnerability Management team within HSBC's growing Cybersecurity Technology organization! The candidate must be able to understand the workflow throughout the vulnerability management lifecycle: discovery to remediation. The candidate will help in defining, enhancing, building out, and deploying the global vulnerability scanning and consolidation solution used at HSBC. The role will interact and collaborate with a variety of teams throughout the Cybersecurity Organization, ranging from Application Security, Network Security, Infrastructure Security, Compliance etc. to help build out the bank's Vulnerability Management program. The role will also be expected to guide, assist, and mentor junior members of the team while assisting in the setting of deadlines, expectation setting, and defining objectives.


  • Can you explain the different factors of a CVSS score?
  • Can you deploy and build servers and applications in isolated environments?
  • Can you configure and use a cloud environment on the major platforms (AWS, GCP, and Azure)?
  • Can you automate the installation of software from the command line (PowerShell / Bash)?
  • Can you automate the pulling and putting of data from / to an API?
  • Can you integrate with the SDLC (Git, Jenkins, JIRA)?
  • Can you create clear and useful documentation (Confluence / Sharepoint)?
  • Can you design a secure system?
  • Can you create a resilient and scalable solution?

Expected Skills:

  • Programming Skills (Java, C#, Ruby, PHP, etc)

  • Scripting Skills (Python, Perl, Bash, etc)

  • Networking skills (TCP/IP, Subnetting, Firewalls, etc)

  • System Admin skills (Configuring / managing servers, Linux / Windows)

  • Debugging skills (Stack traces, log files, and other system outputs)

  • Any flavor SQL (MySQL, DB2, Oracle, etc)

  • Vulnerability Scanning / Pen Testing / Red or Blue Teaming Background

  • Automation and Orchestration driven mindset

  • Excellent verbal and written communication skills

  • Ability to work in and define a fast pace and team focused environment

  • Proven record of delivering and completing assigned projects and initiatives

  • Mentoring junior engineers

  • Ability to deploy large scale solutions to an enterprise estate

  • Coordination with support, operational, and customers to create product in line with goals

Preferred Skills:

  • / Nessus / Security Center (or similar Vulnerability Scanning products)
  • Vulnerability Consolidation (InsightVM, MetricStream, Archer, NetSpi Resolve, other)
  • SAST / DAST (Fortify, IBM AppScan, etc)

Nice to Have Skills:

  • Governance, Risk & Compliance experience

  • Patch Management

  • Endpoint Security

  • Machine Learning / Artificial Intelligence

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cybersecurity Vulnerability Management Lead

Jpmorgan Chase & Co.

Posted 1 week ago

VIEW JOBS 12/3/2018 12:00:00 AM 2019-03-03T00:00 Apply Now Cybersecurity Vulnerability Management Lead Req #: 170038199 Location: Jersey City, NJ,US Job Category: Technology Job Description: JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at Global Cybersecurity Officers protect the firm's people, clients and information assets - ensuring the safety and soundness of the firm's business operations * Cybersecurity personnel provide subject matter expertise, thought leadership, guidance, best practice and support across all business and technology groups firm-wide as it relates to the security of JMPC, it's products, processes and technology * The Cybersecurity team drives value creation by accelerating business and technology opportunities and leads proactive, intelligence-driven operations that quickly meet and stop adversaries and build a foundational fortress for business operations in any environment * Advanced level Cybersecurity professionals are able to participate in senior level discussions on concepts, principles and issues as well as the application and implication of changes to processes, policies and procedures with perspective as they relate to Cybersecurity * Additionally, professional is able to lead intelligent analysis and actions that stop adversaries and ensure the firm's safety. Within Global Cybersecurity, the Governance, Risk & Control team seeks a Cybersecurity Vulnerability Management Lead (VP), responsible to support the Head of Cybersecurity Governance by acting as the day-to-day owner for Cybersecurity Policies, Standards and Procedures with respect to Vulnerability Management. Working within the broader JPMC Technology Risk Management framework, manage Governance Functions related to Vulnerability Risk Management for Cybersecurity. Roles and Responsibilities Manage the evolution of cybersecurity standards for a select set of Cybersecurity tools and techniques on both internal and external hosting environments. Activities include [but are not limited to]: * Ensure that all controls related to Vulnerability Management are demonstrable and sustainable, identify issues and support action plans to strengthen Vulnerability Management control effectiveness * Lead working groups of business stakeholders to proactively enhance Vulnerability Management standards in conjunction with the Firmwide Cybersecurity Program and Vulnerability Management Product and Capability Roadmaps * Proactively manage relationships with stakeholders through effective communication, including interactions with EDs and MDs on a regular basis * Ensure stability and resiliency of Cybersecurity products and services related to Vulnerability Management * Employ defense-in-depth principles along the kill chain to eliminate risk and vulnerabilities and improve security controls * As a member of the Governance, contribute to team goals and objectives * Interface with and support the work of the Cybersecurity GRC Risk and Control teams, and contribute to overall Cybersecurity GRC goals and objectives * Bachelors' degree in computer science, information systems or related field; advanced degree preferred * 8+ years of overall IT experience preferred. * 7+ years of technology experience, ideally including experience in the Financial Services and Cybersecurity or related fields. * Certified Information Security Auditor (CISA) or willingness to pursue. * Strong working knowledge of operations practices in the context of Cybersecurity * Knowledge of what constitutes a cybersecurity attack and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues * Keeps technical skills current, able to contribute to in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation. * Ability to develop and maintain strong partnerships with key stakeholders, and to work across diverse businesses and regions, balancing the needs of multiple organizations. * Effective negotiation and influencing skills. * Ability to both learn from colleagues and think outside the box. Jpmorgan Chase & Co. Jersey City NJ

Vulnerability Management Lead

Expired Job