Principal Cyber Vulnerability Engineer

The Cyber Vulnerability Operations Team consists of both the Application Security (AppSec) teams and the Vulnerability Management Operations (VM Ops) teams. Together, the Vulnerability Operations team collaborates with peers across Comerica to provide visibility into vulnerabilities within applications and infrastructure and ensures they are remediated, as well as facilitates and enforces the use of secure development practices across the bank. The Principal Cyber Vulnerability Operations Engineer role is responsible for vulnerability scanning, prioritizing vulnerabilities, and driving remediations while partnering with the application and infrastructure teams. The ideal candidate for this role will have hands-on expertise working in vulnerability management and operations and will have knowledge of tools and technologies such as Qualys, PowerBI, attack surface management, Cloud, and expertise in at least one programming language. This candidate will be experienced working with cross-functional teams in vulnerability management and prioritization and will have the ability to automate while using a programming language. The ideal candidate with have technical and non-technical risk and vulnerability assessment background in network, infrastructure, and application space, as well as experience with ServiceNow VR module added plus. CISSP/SANS/Cloud Certification desired.

Position Responsibilities:

Vulnerability Management Operations

• Perform vulnerability assessments and common baseline control scans across the Comerica environment and report on Key Risks Indicators (KRIs).
• Lead security vulnerabilities and risk management activities across Comerica, including identifying vulnerabilities and supporting application/system owners to manage risks/remediate vulnerabilities.
• Establish and mature processes around vulnerability management, remediation, and reporting.
• Lead key projects such as vulnerability prioritization to remediate critical key vulnerabilities.
• Participate in vendor evaluations and selection for vulnerability management products, such as external attack surface management. Implement and support those products on a continuous basis.
• Stay current on vulnerability management best practices across the industry.

Administration & Reporting

• Develop a comprehensive set of metrics to track on enterprise risks and remediation trends and keep Management informed of them through accurate, timely, and appropriate reporting.
• Support monthly KRI reporting through data collection, working with application and infrastructure teams to remediate vulnerabilities.
• Create presentations based off KRI materials and keep Management informed of them.

Technical Consulting & Communication

• Drive technical excellence and implementation of vulnerability management best practices in collaboration with technology teams across the enterprise.
• Provide consultation to and work closely with other functional infrastructure areas/departments on multiple initiatives to meet common organizational/business goals and objectives.
• Collaborate with business units, application and infrastructure teams, and vendors to identify, review and evaluate solution requirements.
• Automate existing manual processes in order to create improved processes and create faster delivery.
• Coach and mentor more junior team members and application teams on vulnerability remediation efforts.

Risk Management

• Identify and communicate gaps in our vulnerability management practices.
• Participate in Red Team exercises to identify potential vulnerabilities proactively.
• Partner with application and infrastructure owners to provide consulting on vulnerability remediation to allow them to appropriately remediate large highly complex vulnerabilities within the SLA (service level agreement) and reduce risk for the bank.
• Develop cyber vulnerability analysis for known vulnerabilities, as well as cyber-related metrics and reporting deliverables.

Position Qualifications:

• Bachelor's Degree from an accredited university in Computer Science, Engineering, Information Systems, Cybersecurity, or Business Administration OR equivalent through a combination of High School/GED education and/or technology experience OR 12 years of relevant experience
• 6 years of experience in Cyber or Information Security, preferably in Vulnerability Management and Security in the financial services industry
• 5 years of experience in collaborating across Enterprise IT and Security to remediate vulnerabilities identified
• 3 years of experience with programming concepts and fundaments (e.g. Python, .Net, Java, Java Script, or Powershell) and ability to automate with those tools
• 3 years in performing technical and non-technical risk and vulnerability assessments of relevant technology focus areas like network and infrastructure, local compute, cloud infrastructure, applications.
• 3 years of experience in automating manual processes
• 2 years of experience in vulnerability and configuration management for Cloud infrastructure
• 2 years of experience with vulnerability prioritization, external attack surface management
• 2 years of experience with coaching /mentoring contractors/junior team members.
• 2 years of experience Vulnerability assessments, including creating, maintaining, and troubleshooting scan configurations across the enterprise
• 2 years of experience with Vulnerability Management across cloud platforms and with EVM management/prioritization
• 2 years of experience with endpoint protection technologies