
Vulnerability Management Analyst
Connexus Credit Union
full-time
Location Type: Remote
Location: Florida • Illinois • United States
About the role
- Conduct regular vulnerability scanning of networks, servers, endpoints, cloud environments, and applications using approved tools.
- Analyze scan results to identify false positives, determine exploitability, and assess business and regulatory risk.
- Prioritize vulnerabilities based on CVSS scores, threat intelligence, asset criticality, and financial institution risk impact.
- Track vulnerabilities through remediation, validation, and closure using ticketing or governance platforms.
- Perform re-scans to validate remediation effectiveness.
- Partner with IT infrastructure, application development, cloud, and network teams to remediate identified risks.
- Monitor emerging threats, zero-day vulnerabilities, and industry advisories relevant to financial services.
- Support and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches.
- Run the daily vulnerability management program operations, work closely with the patch management analyst in identifying and patching vulnerabilities, and actively participate in weekly vulnerability management team meetings.
Requirements
- Bachelor's degree or commensurate experience is Required.
- 3+ years of professional work experience in vulnerability management, security operations, or IT risk within a regulated environment is Required.
- Hands-on experience with vulnerability scanning tools, such as: Tenable (Nessus, Tenable.io), Qualys, Rapid7 or similar platforms is Required.
- Prior experience with financial industry regulations and frameworks (FFIEC, NCUA, GLBA, NIST) is Required.
- Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) and risk prioritization frameworks is Required.
- Global Information Assurance Certification (GIAC), GIAC Security Essentials Certification (GSEC) or Enterprise Vulnerability Assessor Certification (GEVA) is Required.
Benefits
- 25 days of paid time off and 10 paid holidays
- 16 hours of paid Volunteer Time Off
- 401K Retirement with up to 6% employer match
- Excellent Health, Dental, Vision insurance, including multiple plan options
- Health Savings Account with generous employer contributions
- Employer paid Life insurance, Short-Term and Long-Term Disability
- Tuition Reimbursement from $4,000 - $7,000 per calendar year
- Robust Learning and Development program that includes an annual professional development stipend
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
vulnerability management, vulnerability scanning, risk assessment, remediation, exploitability analysis, threat intelligence, CVSS, scoring systems, patch management, security operations
Certifications
Bachelor's degree, Global Information Assurance Certification (GIAC), GIAC Security Essentials Certification (GSEC), Enterprise Vulnerability Assessor Certification (GEVA)