Vice President, Information Security at BNY

Pittsburgh, Pennsylvania, United States -

Full Time

Start Date

Immediate

Expiry Date

15 Jul, 26

Salary

173000.0

Posted On

16 Apr, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Vulnerability management, Cybersecurity, Risk assessment, Network security, Application security, Infrastructure hardening, Cloud technology, Qualys, Wiz.io, Python, Powershell, SQL, NIST frameworks, Threat intelligence, Compliance auditing, Automation

Industry

Financial Services

Description

Vice President, Information Security At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators and champions of inclusion, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary. We’re seeking a future team member for the role of Vulnerability Management Operations VP to join our CyberSecurity team. This role is located in Pittsburg,PA In this role, you’ll make an impact in the following ways: * Serve as vulnerability management analyst for information systems as primary responsibility * Perform information system security vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components. * Conduct risk-based assessment on security vulnerabilities and determine impact to various IT infrastructures. * Prioritize risks and drive remediation by outlining and providing advice and solutions to technology owners on effective security controls and counter measures. * Prioritize remediation activities based upon the results of the Enterprise-wide scanning program, Intel Threat advisories, or internal/external audits. * Engage with stakeholders, to include IT professionals, management, and auditors, to facilitate vulnerability discovery and remediation. * Communicate security and compliance issues in an effective and appropriate manner * Recommend appropriate remedial actions to mitigate risks and ensure information systems employ appropriate level of information security controls * Validate remedial actions and ensure compliance with information security policy and regulatory requirements. * Stay abreast on new security vulnerabilities and latest advancements in configuration compliance assessments from internal or external threat intelligence sources. * Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation. * Conducts adhoc vulnerability scans if needed and coordinates remediation with appropriate support teams. * Collaborate with our IT Stakeholders and LOB application owners. To be successful in this role, we’re seeking the following: * Bachelor's degree in information technology (or related field) with minimum of 6-10 years’ experience * Possess strong knowledge of various technologies and security topics including operating systems, network security, protocols, application security, infrastructure hardening and security baselines. * Knowledge of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP) strongly desired. * Practical experience with identifying, analyzing, and communicating cyber threat and vulnerability information. * Hold key Cybersecurity Certifications, Security+, CISSP, CEH, SANS etc * Experience working with cloud technology (Azure, GCP, AWS.) * Strong working knowledge of vulnerability management toolsets (Qualys, Wiz.io, Xray Jfrog etc.) * Strong working knowledge of operational baselines hardening * Knowledge of sound, industry-accepted server software support practices and methodologies * Familiar with International Standards, NIST Special Publications and Cyber Security Frameworks * Experience with assessing vulnerability management programs * Familiarity with General IT infrastructure and enterprise architecture (e.g., Server, Network, Workstation, Cloud, etc.) * Familiarization with patching processes and related technologies (e.g. BladeLogic, SCCM) * Familiarity with enterprise risk management and how cyber threats and vulnerabilities integrate into ERM efforts * Background and knowledge of general cyber security concepts (e.g. defense-in-depth security architectures, security controls) * Exemplary verbal and written communication skills (English business fluent spoken and written) * Demonstrated ability to think strategically and perform detailed, complex analysis and data interpretation * Effective interpersonal skills, out-of-the-box thinking and ability to interface with all levels of staff * Ability to work under pressure and deal with ambiguous situations * Ability to read and write scripts in various languages. (php, python, ksh, powershell, SQL, and similar) * Experience and proficiency in a various toolsets and best practices. * Self-motivated and able to work in an independent manner. At BNY, our culture speaks for itself, check out the latest BNY news at: BNY Newsroom [https://www.bny.com/corporate/global/en/about-us/newsroom.html] BNY LinkedIn [https://www.linkedin.com/company/bnyglobal/posts/?feedView=all] Here’s a few of our recent awards: * America’s Most Innovative Companies, Fortune, 2025 * World’s Most Admired Companies, Fortune 2025 * “Most Just Companies”, Just Capital and CNBC, 2025 Our Benefits and Rewards: BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans. At BNY, our culture speaks for itself, check out the latest BNY news at BNY Newsroom [https://www.bny.com/corporate/global/en/about-us/newsroom.html] & BNY LinkedIn [https://www.linkedin.com/company/bnyglobal/posts/?feedView=all] Here’s a few of our recent awards: * America’s Most Innovative Companies, Fortune, 2025 * World’s Most Admired Companies, Fortune 2025 * “Most Just Companies”, Just Capital and CNBC, 2025 Our Benefits and Rewards: BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans. BNY assesses market data to ensure a competitive compensation package for our employees. The expected base salary for this position when employment commences can be found in the Job Info section at the bottom of the posting. Base salary offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. Base salary is only part of the total rewards package, which may include eligibility for an annual discretionary incentive award. Subject to the terms and conditions of the applicable plans then in effect, eligible employees may enroll in a 401(k) plan as well as participate in Company-sponsored medical, dental, vision, and basic life insurance plans for the employee and the employee’s eligible dependents. Eligible employees also may receive other benefits (including various paid time off benefits, such as vacation and sick time), dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, the employee will be in an “at will” position and the Company reserves the right to modify base salary (as well as any other discretionary payments or compensation programs) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

The role involves serving as a vulnerability management analyst to discover, analyze, and characterize security risks across IT infrastructures. You will prioritize remediation efforts, collaborate with stakeholders, and ensure compliance with security policies and regulatory requirements.