Senior Vulnerability Analyst

at  Veritex Bank

JOB SUMMARY:

We are seeking an experienced Vulnerability Analyst to join our security team. The successful candidate will be responsible for identifying and analyzing vulnerabilities in our systems and applications and collaborating with other team members to develop and implement remediation plans. The role requires a deep understanding of security principles, best practices, and experience with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
As a Vulnerability Analyst, you will play a critical role in ensuring the security of our organization’s systems and data. You will work collaboratively with other members of the security team and IT teams to identify and remediate vulnerabilities in our environment. This position offers the opportunity to work with advanced security tools and technologies and to stay updated with the latest security trends and threats.

REQUIRED SKILLS AND QUALIFICATIONS:

Bachelor’s degree in Computer Science, Information Technology, or a related field; or 10 years of equivalent experience.
Minimum of 5-7 years of experience in information security, focusing on vulnerability management and assessment.
Proficiency with vulnerability scanning and assessment tools such as Intune, SCCM, Tanium, and Tenable.
Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001, PCI DSS), and best practices.
Excellent analytical, problem-solving, and communication skills.
Ability to work independently and as a collaborative team member.
Relevant industry certifications such as CISSP, CISA, GIACare a plus.
Experience with ServiceNow Security Operations.
Familiarity with common network and system architectures and cloud security solutions (e.g., AWS, Azure).
Experience with security incident response processes, SIEM platforms (e.g., Splunk, ArcSight, LogRhythm), EDR tools (e.g., Carbon Black, CrowdStrike, SentinelOne), and SOAR platforms (e.g., Demisto, Phantom, Swimlane).
Strong scripting skills in languages like Pythonor PowerShell.

PREFERRED EXPERIENCE:

Experience with Security Information and Event Management (SIEM)platforms (e.g., IBM QRadar, McAfee Enterprise Security Manager, Rapid7 InsightIDR).
Knowledge of Network Intrusion Detection and Prevention Systems (NIDS/NIPS)(e.g., Snort, Suricata, Bro).
Familiarity with Cloud Security Posture Management (CSPM)tools (e.g., CloudCheckr, Dome9, Prisma Cloud).
Experience with Identity and Access Management (IAM)solutions (e.g., Okta, Ping Identity, ForgeRock).
Understanding of Data Loss Prevention (DLP)solutions (e.g., Symantec DLP, McAfee DLP, Forcepoint DLP).

COMPANY OVERVIEW:

Truth in Texas Banking. That’s what we’re about. Founded in 2010, we are one of the ten largest banks headquartered in the state of Texas. We became a publicly traded company in 2014 and in 2020 and 2021 we were listed on Fortune’s 100 Fastest Growing Companies. Headquartered in Dallas, Texas, we’ve built a bank forever rooted in truth, transparency, and uncompromising integrity.
We know our strongest asset is the passion, authenticity, and talent of our people. We focus on the growth and development of each team member to unlock potential to “Be Your True Self.” Our “True You” culture is made up of five pillars:
1. Be Mindful
2. Be Healthy
3. Be Better
4. Be Prosperous
5. Be Faithful
With this as our foundation, we’ve built a bank of people who are transparent, tell the truth, and act with integrity. We unite together in common purpose - caring deeply for our clients and communities, communicating openly with each other, and treating everyone with respect. Visit our website at www.VeritexBank.com and come see how we’re bringing truth and transparency to Texas banking.
Veritex Community Bank does not accept unsolicited resumes from recruiters or employment agencies. Veritex Community Bank is under no obligation to pay any referral compensation or recruiter fee in the absence of a current executed Recruitment Services Agreement. In the event a recruiter or agency submits an unsolicited resume or candidate without an agreement, Veritex reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, shall be deemed the property of Veritex Community Bank.
If your agency would like to be considered as a potential future recruiting partner, please leave your contact information at Recruiting@VeritexBank.com.
Work environment and Physical demands: The employee may occasionally lift and/or move up to 25 pounds. The employee may occasionally stand, walk, reach, climb, balance, stoop, kneel, crouch, or crawl. The work environment and physical demands are those of a standard office setting. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Disclaimer: This job description is not an inclusive list of all duties and responsibilities of the position. Incumbents will be required to follow any other job- related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. Veritex Bank reserves the right to amend and change responsibilities to meet business and organizational needs.
This document does not create an employment contract, implied or otherwise, other than an “at will” relationship. Veritex Community Bank is an equal opportunity employer. Veritex Community Bank Corporate Human Resources, Dallas, Texas.
We are committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee on the basis of race, color, religion, creed, national origin or ancestry, sex, age, physical or mental disability, veteran or military status, genetic information, sexual orientation, marital status, or any other legally recognized protected basis under federal, state or local laws, regulations or ordinances. The information collected by this application is solely to determine suitability for employment, verify identity and maintain employment statistics on applicants.
Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on the Company. Please inform the Company’s personnel representative if you need assistance completing any forms or to otherwise participate in the application process

Conduct regular vulnerability assessments of systems and applications using tools like Tanium and Tenable.
Analyze and interpret vulnerability scan results, prioritizing vulnerabilities based on risk levels.
Collaborate with cross-functional teams to develop and implement effective remediation plans for identified vulnerabilities.
Conduct penetration testing and vulnerability research to identify new and emerging threats.
Develop, update, and maintain security policies, procedures, and best practices.
Monitor security logs and alerts to identify potential security incidents and respond appropriately.
Investigate security incidents to determine root causes and formulate remediation strategies.
Work with IT teams to ensure adherence to security policies and procedures.
Develop and deliver security training and awareness programs for employees.
Participate in internal and external security audits and assessments.
Stay abreast of emerging security threats, vulnerabilities, and industry best practices.
Provide technical guidance and mentorship to junior team members and peers.
Collaborate with other teams to implement security controls, technologies, and secure coding practices.
Participate in incident response activities as needed.
Communicate with senior management and stakeholders about security risks, vulnerabilities, and incidents.
Utilize ServiceNow Security Operations to manage and track security incidents and requests.
Coordinate with third-party vendors and service providers to ensure compliance with security policies and procedures.
Conduct risk assessments on new systems and applications before deployment.
Assist in the development and implementation of disaster recovery and business continuity plans.
Maintain comprehensive security-related documentation, including policies, standards, procedures, and guidelines.
Conduct security reviews and assessments of third-party vendors and service providers.
Provide input on the evaluation and selection of security tools and technologies.
Perform continuous security research and provide recommendations for new security products and services.
Assist in preparing and delivering security-related training and awareness programs.