IT Vulnerability Management Analyst I

Connecting clients to markets – and talent to opportunity with 4,300 employees and over 400,000 retail and institutional clients from more than 80 offices spread across five continents, we're a Fortune-100, Nasdaq-listed provider, connecting clients to the global markets – focusing on innovation, human connection, and providing world-class products and services to all types of investors.

Whether you want to forge a career connecting our retail clients to potential trading opportunities, or ingrain yourself in the world of institutional investing, The StoneX Group is made up of four segments that offer endless potential for progression and growth.

As a Vulnerability Management Senior Analyst, you will be responsible for supporting a new Vulnerability Management function at StoneX. You will work closely with the Vulnerability Management Manager to identify, assess risks, and monitor security vulnerabilities within SNEX's information technology infrastructure and systems.

This is an individual contributor hybrid position that requires 4 days in the office per week. If your resume doesn't perfectly line up with the role responsibilities and qualifications, we encourage you to apply anyway.  You could be one step away from work that will transform your life and career.

Key Responsibilities:

1. Conduct detailed vulnerability assessments to identify, analyze, potential vulnerabilities in software, hardware, and network systems looking at the collected data.
2. Develop and implement comprehensive strategies to evaluate the security of critical systems and infrastructure.
3. Coordinate with the teams responsible for patching to ensure Critical updates are process timely
4. Analyze and respond to Vulnerability incidents and respond with effective mitigation techniques and root cause analysis.
5. Collaborate with IT and network teams to enhance the overall security posture of the organization through strategic improvements and updates.
6. Provide technical guidance and training to team members and other departments on Vulnerability Management practices and processes.
7. Basic knowledge of MITRE ATT&CK so that can understand when engaging with SOC on potential vulnerabilities and how they interact with MITRE.
8. Stay updated with the latest security threats, technologies, and trends to continuously improve the security measures.
9. Prepare detailed reports and presentations for both technical and non-technical audiences, outlining security issues, mitigation plans, and ongoing project results.
10. Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation.
11. Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging

This job might be for you if:

• You enjoy learning about cyber security, threats and vulnerability and proactively protecting an organization.
• You love taking on difficult challenges, finding creative solutions, and stepping outside your comfort zone to learn and grow.
• You do not get flustered easily. If you do not know the answer, you will use the available resources to try to find the answer first. 
• You enjoy working on a team or individually to fulfill a mission.
• You are fluent in English.
• You possess excellent verbal and writing skills.
• You enjoy reading, research, and writing.
• You have a radical curiosity.
• You are motivated and driven. You volunteer for new challenges without waiting to be asked.

To land this role:

You need to exhibit a high degree of emotional intelligence, empathy, and the ability to learn quickly. The ability to write well is a requirement of this job. 

Qualifications:

• Bachelor's degree in computer science/information technology/Cybersecurity, or a related field or equivalent experience
• Minimum of 4-6 years of experience in cybersecurity, specifically in vulnerability assessments and penetration testing.
• Relevant certifications such as CompTIA Security+ and Certified Vulnerability Assessor or equivalent VAPT certifications.
• Proven expertise in using a variety of security testing tools and software. VM tools like Rapid7 Insight VM, Qualys, Tenable etc.
• Excellent problem-solving and analytical skills and critical thinking
• Strong communication skills, both written and verbal, with the ability to produce clear and concise reports.
• Ability to work independently and as part of a team in a fast-paced, high-pressure environment.
• Commitment to training, self-study and maintaining proficiency in the Vulnerability Management domain.

Preferred Qualifications

• Experience in Incident Response, Vulnerability Management, Security Operations
• Good Business communication skills, both written and verbal, as this job requires to coordinate with various Stakeholders
• Excellent Logical and Critical thinking. Need to be Analytical.

Working environment: 

• Hybrid, 4 days mandatory from office
• Travel Requirements (if applicable)