Threat & Vulnerability Management Engineer
At First Republic, we care about our people.
Founded in 1985, we offer extraordinary client service in private banking, private business banking and private wealth management.
We believe that personal connections are everything and our success is driven by the relationships we form with our colleagues and clients.
You’ll always feel empowered and valued here.
Incredible teams doing exceptional work, every day
Information Security supports the business’ objectives by implementing state of the art cybersecurity technologies and practices so that we are well-prepared to protect Company’s systems and data from cyber-attacks and other unplanned disruptions.
Duties and Responsibilities
The Threat and Vulnerability Security Engineer provides security oversight to First Republic Bank’s computing environment.
Oversight is achieved by monitoring and investigating potential security vulnerabilities and threats as reported by FRB’s security tools; performing security data analytics; identifying and addressing potential data loss channels; and staying apprised of potential security challenges through the gathering and processing of cyber intelligence.
The position will work closely with other Network Security Engineers and Information Services personnel to ensure appropriate controls are in place, and to ensure that security policies are being effectively employed.
What you’ll do as a Threat & Vulnerability Mangement Engineer:
– Information Security Threat and Vulnerability Management
– Responsible for configuring vulnerability assessment tools, as well as performing scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
– Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities within SLAs.
– Approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes.
– Identify and resolve any false positive findings in assessment results.
– Information Security Threat and Vulnerability
– Reporting Produce metrics and reporting on the state of system security, threat, vulnerability and patch management.
– Design and deliver actionable Information Security dashboards and scorecards.
– Analyze data sources and recommend optimal data sources to provide relevant reporting.
– Provide IT Governance metrics and reporting
– Oversee Remediation Activities:
– Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
– Recommend appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions.
– Validate remediation by reviewing application updates or deployed mitigations to verify resolution.
Qualifications
You could be a great fit if you have:
– BS in Computer Science or equivalent
– Technical network (e.g.
CCNA, CCNP Security) and security certifications highly desirable (e.g.
CISA, CISSP, GCIH).
– Understanding of controls (e.g.
access control, auditing, authentication, encryption, integrity, physical security, and application security).
– Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network based scanners).
– Experience with vulnerability scanners, vulnerability management systems, patch management, and host based security systems.
Host Based Security Systems, patch management.
– Beneficial if experienced in Database Activity Monitoring Systems (DAM), and Web Application Firewalls (WAF).
– Ability to provide quality deliverables on time and on budget.
Job Demands:
– Must be able to review and analyze data reports and manuals; must be computer proficient.
– Must be able to communicate effectively via telephone and in person.
Own your work and your career
– apply now
Are you willing to take initiative and make decisions?
Are you willing to go the extra mile because you love what you do and how you can contribute as a team?
Do you want the freedom to grow and the opportunity to take charge of your own career?
If so, then come join us.
We want hard working team players.
You’ll have the independence to learn, lead and drive change.
A culture of extraordinary service, empowerment and stability—that’s the First Republic way.
Come join us!
This job description is not intended to be all-inclusive.
Employee may perform other related duties as assigned to meet the ongoing needs of the organization.
The Company is an equal opportunity employer.
In this regard, the Company makes reasonable accommodations for qualified applicants and employees with disabilities in order to enable them to perform all essential job functions, unless doing so creates an undue hardship.
First Republic is subject to federal laws that restrict the employment of individuals with certain types of criminal histories, including FDIA Section 19 and FINRA.
To the extent not inconsistent with our obligations under those federal laws and regulations, First Republic will consider qualified candidates with criminal histories in a manner consistent with the Los Angeles and San Francisco ban-the-box laws.
We’re always on the lookout for top talent and are adding new jobs every week.
First Republic Bank is committed to a policy of equal employment opportunity for all employees and applicants for employment, without regard to race, color, religion, sex, pregnancy, childbirth, sexual orientation, gender identification, national origin, ancestry, age, marital status, physical or mental disability, medical condition, genetic information, citizenship status, veteran status or any other legally protected category, in accordance with applicable federal, state and local law.
Banking products and services are offered by First Republic Bank, Member FDIC and Equal Housing Lender
Investment Advisory services are provided by First Republic Investment Management, Inc.
Trust services are provided by First Republic Trust Company and First Republic Trust Company of Delaware LLC.
Brokerage services are offered through First Republic Securities Company, LLC, Member FINRA / SIPC .
Insurance services are provided through First Republic Securities Company, DBA Grand Eagle Insurance Services, LLC, CA Insurance License # 0I13184, and First Republic Investment Management, DBA Eagle Private Insurance Services, CA Insurance License # 0K93728.
Investment, Insurance and Advisory Products and Services, and Foreign Exchange Transactions, are Not FDIC Insured or Insured by Any Federal Government Agency, Not a Deposit, Not Bank Guaranteed and May Lose Value.