Security management specialist job description
Updated March 14, 2024
6 min read
Find better candidates in less time
Post a job on Zippia and take the best from over 7 million monthly job seekers.
Example security management specialist requirements on a job description
Security management specialist requirements can be divided into technical requirements and required soft skills. The lists below show the most common requirements included in security management specialist job postings.
Sample security management specialist requirements
- Extensive knowledge of security management best practices.
- Experience with risk management and regulatory compliance.
- Proficient in security software and network infrastructure.
- Experience with security policies, procedures, and standards.
- Familiarity with cryptography and encryption technologies.
Sample required security management specialist soft skills
- Excellent communication and interpersonal skills.
- Strong analytical and problem-solving abilities.
- Ability to work independently and as part of a team.
- Highly organized and detail-oriented.
Security management specialist job description example 1
BNY Mellon security management specialist job description
Who We Are:
At BNY Mellon, Cyber Security is a top priority for both technology and the business. Our Information Security Division are on constant alert using their creativity and knowledge of cybersecurity, technology, and business processes to develop and deliver solutions. In this fast-paced environment, we collaborate to respond to current risks while identifying and anticipating future threats. Our cyber capabilities encompass the full spectrum of services from Cyber Operations (SOC, Cyber Threat Intelligence, Vulnerability Management, Cyber Incident Response, Penetration Testing & Red Teaming, Cyber Analytics & Fraud, and Insider threat) to Cyber Architecture and Engineering (Network, Platform, Cloud, and Applications Security). We provide a robust set of cyber services that provide full scope protection and response capabilities across the BNY Mellon enterprise. We drive an understanding of cybersecurity risk and the steps that must be taken to create and maintain a secure environment that drives innovation.
What you will be doing:
As the Specialist, Information Security, Vulnerability Management you will be responsible for vulnerability scanning program and publishing reported vulnerabilities to impacted teams for remediation.
* Experience and understanding of vulnerabilities, vulnerability management and vulnerable software.
* Triage and risk rank vulnerabilities according to severity and exposure. Work with Product and IT teams to risk rank and patch vulnerabilities related to the technology stack.
* Continuous review of configuration management and vulnerability management posture inside the company and knowledge of all external developments that could impact the bank posture, including vendor patches, zero-day exploits, end-of-life systems or deprecated services.
* Comprehensive knowledge in conducting Network/ Infrastructure Vulnerability Assessment.
* Experience in developing secure practices and vulnerability remediation in cloud infrastructure (Azure, GCP, AWS).
* Experience in container security and vulnerability remediation across containers.
* Good understanding of threat/risk management and threat/risk assessment.
* Coordination with various infrastructure/support teams to ensure alignment of effective implementation of Infrastructure Security controls and processes.
* Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in operating systems, middleware, databases, and network.
* Monitor Cyber space for emerging threats.
* Identification and remediation of new vulnerabilities in bank Infrastructure.
* Monitoring, alerting and escalation of security incidents and non-compliance with respect to Information Security policy & Standards.
* Working Knowledge of leading Infrastructure Security vendors and products, multiple information security technologies.
* Work with the team to automate the process using scripting and automation tools to improve the efficiency (Added advantage).
* Technical liaison with external vendors and service providers for timely rectification of any related problems.
* Advising senior stakeholders on security/ risk issues relating to wider business environment.
Qualifications:
* Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
* 6-8 years of experience in information security or related technology experience required with experience in the securities or financial services industry being a plus.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans.
Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.
At BNY Mellon, Cyber Security is a top priority for both technology and the business. Our Information Security Division are on constant alert using their creativity and knowledge of cybersecurity, technology, and business processes to develop and deliver solutions. In this fast-paced environment, we collaborate to respond to current risks while identifying and anticipating future threats. Our cyber capabilities encompass the full spectrum of services from Cyber Operations (SOC, Cyber Threat Intelligence, Vulnerability Management, Cyber Incident Response, Penetration Testing & Red Teaming, Cyber Analytics & Fraud, and Insider threat) to Cyber Architecture and Engineering (Network, Platform, Cloud, and Applications Security). We provide a robust set of cyber services that provide full scope protection and response capabilities across the BNY Mellon enterprise. We drive an understanding of cybersecurity risk and the steps that must be taken to create and maintain a secure environment that drives innovation.
What you will be doing:
As the Specialist, Information Security, Vulnerability Management you will be responsible for vulnerability scanning program and publishing reported vulnerabilities to impacted teams for remediation.
* Experience and understanding of vulnerabilities, vulnerability management and vulnerable software.
* Triage and risk rank vulnerabilities according to severity and exposure. Work with Product and IT teams to risk rank and patch vulnerabilities related to the technology stack.
* Continuous review of configuration management and vulnerability management posture inside the company and knowledge of all external developments that could impact the bank posture, including vendor patches, zero-day exploits, end-of-life systems or deprecated services.
* Comprehensive knowledge in conducting Network/ Infrastructure Vulnerability Assessment.
* Experience in developing secure practices and vulnerability remediation in cloud infrastructure (Azure, GCP, AWS).
* Experience in container security and vulnerability remediation across containers.
* Good understanding of threat/risk management and threat/risk assessment.
* Coordination with various infrastructure/support teams to ensure alignment of effective implementation of Infrastructure Security controls and processes.
* Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in operating systems, middleware, databases, and network.
* Monitor Cyber space for emerging threats.
* Identification and remediation of new vulnerabilities in bank Infrastructure.
* Monitoring, alerting and escalation of security incidents and non-compliance with respect to Information Security policy & Standards.
* Working Knowledge of leading Infrastructure Security vendors and products, multiple information security technologies.
* Work with the team to automate the process using scripting and automation tools to improve the efficiency (Added advantage).
* Technical liaison with external vendors and service providers for timely rectification of any related problems.
* Advising senior stakeholders on security/ risk issues relating to wider business environment.
Qualifications:
* Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
* 6-8 years of experience in information security or related technology experience required with experience in the securities or financial services industry being a plus.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans.
Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.
Post a job for free, promote it for a fee
Security management specialist job description example 2
JPMorgan Chase & Co. security management specialist job description
The Network Product Line Security Risk Management Team is in charge of setting the strategy, getting buy-in across the organization and driving execution. The Product Risk Associate will support the product team to manage any risks associated to the products. This includes:
Support Product Owners to help create strategy to address risks across the network security product Own the maintenance and uplifts of the network security controls and associated control objectives and standards Align audit & regulatory commitments to products Ensure product controls are aligned to and assessed against the firms Threat Scenarios and Risk Framework to model a comprehensive view of control gaps and effectiveness Engage stakeholders in the LOBs to identify needs and map it to network product roadmap to reduce risk Escalate and obtain approvals for strategies to address identified risks
Requirements
:
• 3+ Years of experience in a product/program management role, within enterprise technology and more specifically - Cybersecurity
• 3+ Years of experience working with end-to-end information technology (IT) process, including architecture, design & engineering, implementation, and operations
• 3+ Years of working in an Agile environment, best practices, and managing priorities via an active backlog & Jira
• 2+ Years of risk management related experience highly desired
• Knowledge or experience of cloud security is a plus
• Knowledge or experience with Splunk, Phantom, and SQL is a plus
• Proven ability to provide product management artifacts and deliverables such as roadmaps, product overviews, reports, backlog and documentation.
• Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
• Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity - FISMA, PCI, NIST
• Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
BS/BA degree or equivalent experience
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the "WELL Health-Safety Rating" for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.
As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. Employees are expected to follow the Firm's current COVID-19 or other infectious disease health and safety requirements, including local requirements. Requirements include sharing information including your vaccine card in the firm's vaccine record tool, and may include mask wearing. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests as required by applicable law.
Equal Opportunity Employer/Disability/Veterans
Support Product Owners to help create strategy to address risks across the network security product Own the maintenance and uplifts of the network security controls and associated control objectives and standards Align audit & regulatory commitments to products Ensure product controls are aligned to and assessed against the firms Threat Scenarios and Risk Framework to model a comprehensive view of control gaps and effectiveness Engage stakeholders in the LOBs to identify needs and map it to network product roadmap to reduce risk Escalate and obtain approvals for strategies to address identified risks
Requirements
:
• 3+ Years of experience in a product/program management role, within enterprise technology and more specifically - Cybersecurity
• 3+ Years of experience working with end-to-end information technology (IT) process, including architecture, design & engineering, implementation, and operations
• 3+ Years of working in an Agile environment, best practices, and managing priorities via an active backlog & Jira
• 2+ Years of risk management related experience highly desired
• Knowledge or experience of cloud security is a plus
• Knowledge or experience with Splunk, Phantom, and SQL is a plus
• Proven ability to provide product management artifacts and deliverables such as roadmaps, product overviews, reports, backlog and documentation.
• Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
• Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity - FISMA, PCI, NIST
• Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
BS/BA degree or equivalent experience
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the "WELL Health-Safety Rating" for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.
As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. Employees are expected to follow the Firm's current COVID-19 or other infectious disease health and safety requirements, including local requirements. Requirements include sharing information including your vaccine card in the firm's vaccine record tool, and may include mask wearing. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests as required by applicable law.
Equal Opportunity Employer/Disability/Veterans
Dealing with hard-to-fill positions? Let us help.
Resources for employers posting security management specialist jobs
Average cost of hiring
Recruitment statistics
How to write a job description
Examples of work conditions
Security management specialist job description FAQs
Ready to start hiring?
Updated March 14, 2024
Updated March 14, 2024