Company

Commonwealth Financial Network

Address: Waltham, MA
Form of work: Full-Time
Category: Information Technology

Job description

Overview
If you're looking for a high-energy, inclusive atmosphere and a company that understands the importance of work/life balance, Commonwealth is your match! From generous bonus and 401(k) programs to tuition reimbursement and flexible work schedules, Commonwealth is focused on helping its employees thrive in an environment suited to their needs. On top of all that, the Information Security department offers a hybrid work schedule, so you'll be able to work from home for part of the week!
We're looking for a Vulnerability Management Lead to join our ranks. Our vision is to be recognized as a leading information security function within the financial sector, a leader and trusted partner delivering indispensable and reliable services to our advisors, customers, and communities. As a Vulnerability Management Lead, you will be a key member of the Information Security Operations team. This position is critical to defensive operational capabilities and for providing excellent services in defending Commonwealth infrastructure as well as the clients we serve. The role helps to identify, normalize, prioritize, and treat vulnerabilities, while serving as a remediation coordinator across disparate IT teams.
This role is ideal for those seeking a challenge in a growing business, providing indispensable services to our user communities and being part of their success. This is a new role with a new team, which has recently transformed to new ways of working. We are looking for an experienced Vulnerability Management specialist with practical security knowledge and an aptitude for program development. This is a great opportunity to help plan, build, and operate a new function for a leading financial services provider.
Key Responsibilities
  • Serve as an individual contributor and subject-matter expert on the Commonwealth Security Operations team.
  • Build, operate, and maintain a Vulnerability Management function capable of performing and supporting authenticated and unauthenticated scans for all approved systems.
  • Perform and conduct automated penetration tests using AI-informed solutions.
  • Inject security testing processes into the CI/CD pipeline and represent DevSecOps best practices with applications and infrastructure teams.
  • Initiate and carry out cyber incident response procedures when vulnerabilities are determined to be exploited within the network.
  • Leverage threat intelligence and risk assessment findings to scope scanning and environmental review exercises.
  • Drive the development of remediation practices across the IT group and advocate for risk reduction and risk mitigation strategies.
  • Analyze assessment results to properly react to security weaknesses or vulnerabilities.
  • Prepare and maintain technical documentation of the VM program, including requirements, architecture designs, and network topology.
  • Mentor and train junior team members in best practices.

Core Strengths and Skills
  • 5+ years of experience in Vulnerability Management, penetration testing, or related discipline.
  • Proficiency with Vulnerability Management solutions, penetration testing frameworks, and best practice application (Rapid7 and Metasploit experience preferred).
  • Proficiency with Azure Public Cloud and Azure Sentinel SIEM capabilities.
  • Proficiency with Azure Defender for Cloud and leveraging vulnerability solutions in a cloud context.
  • Proficiency running internal and external network vulnerability scans to meet regulatory requirements.
  • Vulnerability lifecycle management, including asset discovery, enumeration, and methods of proactive mitigation.
  • Understanding of how to triage vulnerabilities and validate tool findings before reporting them.
  • Experience with penetration testing methodologies and conducting external vulnerability tests.
  • Ability to demonstrate knowledge of incident response best practices.
  • Bachelor's degree in information systems, information security, or related field.

Additional Desirable Skills and Knowledge
  • Relevant certifications (GEVA, GPEN, GCIH, OSCP, eCPPT)
  • Knowledge of scripting languages (Python, Bash, PowerShell)
  • Knowledge of common information security management frameworks, such as NIST and CIS
  • Understanding of the best practices, control frameworks, and applicable existing and new legal/regulatory requirements (SEC S-P Rule, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc.)

Have we piqued your curiosity? Can you see yourself thriving in this opportunity? Let's introduce ourselves.
Picture Yourself Here
At Commonwealth, we believe in a better world. We hold ourselves and each other to higher standards. We take care of one another. That's why we invest in you: we encourage employee growth both in your career and education; we are building out a robust diversity, equity, and inclusion program; we offer incredible health care benefits; and we find plenty of occasions to celebrate. What's not to love?
We are always striving to be better, and we are looking for employees who share that same mindset. Better people, better coworkers, better leaders, better creators. Bring your best work and your full self to the table, and we will do the same. Together, we can build a better future for our advisors, their clients, our company, and you.
About Commonwealth
Commonwealth Financial Network, Member FINRA/SIPC, a Registered Investment Adviser, provides a suite of business solutions that empowers more than 2,000 independent financial advisors nationwide. Privately held since 1979, the firm has headquarters in Waltham, Massachusetts, and San Diego, California.
Turning our advisors into raving fans starts by doing the same for our employees. We foster an environment of excellence, growth, rewards, and fun in equal measure, which has earned us 43 Best Place to Work awards.
The Fine Print
We care about your online safety as a prospective employee and encourage you to exercise caution when responding to job postings online. Commonwealth will never ask potential hiring candidates to pay or transfer funds as a precondition of interviews or employment, nor will we authorize recruiters or agents to do so on our behalf.
Commonwealth is an equal opportunity employer, making intentional efforts to source talent from all backgrounds.
Min: USD $120,500.00/Yr.
Max: USD $140,000.00/Yr.
Refer code: 6906835. Commonwealth Financial Network - The previous day - 2023-12-12 06:15
